The crypto_pwhash_* API currently leverages the Argon2id function on all platforms. This can change at any point in time, but it is guaranteed that a given version of libsodium can verify all hashes produced by all previous versions from any platform. Applications don't have to worry about backward compatibility.

The crypto_pwhash_scryptsalsa208sha256_* API uses the more conservative and widely deployed scrypt function.

ph = password_hash(password, seed) and sends ph to the server. password_hash is a password hashing function tuned for the maximum memory and CPU usage the client can handle. The server stores the seed and password_hash'(ph, seed) for this user account. password_hash' is a password hashing function whose parameters can be tuned for low memory and CPU usage.

crypto_generichash() with a key on the username as the message). The client computes ph = password_hash(password, seed) and sends it to the server. The server computes password_hash'(ph, seed) and compares it against what was stored in the database.
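
The account-creation and login exchange described above, as an added example that is not part of the libsodium documentation or code. It uses Python's hashlib.scrypt as a stand-in for both password_hash and password_hash', and hashlib.blake2b as a stand-in for crypto_generichash(); the cost parameters, the in-memory DB, the function names, and the use of the keyed hash as a stable seed for unknown usernames are assumptions.

```python
import hashlib
import hmac
import secrets

# Constructed cost parameters (assumptions): heavy on the client, light on the server.
CLIENT_COST = dict(n=2**14, r=8, p=1)   # password_hash, about 16 MiB
SERVER_COST = dict(n=2**10, r=8, p=1)   # password_hash', about 1 MiB
SEED_KEY = secrets.token_bytes(32)      # server-side key for the keyed hash
DB = {}                                 # username -> (seed, password_hash'(ph, seed))

def client_prehash(password: str, seed: bytes) -> bytes:
    """Client side: ph = password_hash(password, seed)."""
    return hashlib.scrypt(password.encode(), salt=seed, dklen=32, **CLIENT_COST)

def server_hash(ph: bytes, seed: bytes) -> bytes:
    """Server side: password_hash'(ph, seed), cheap enough for many logins."""
    return hashlib.scrypt(ph, salt=seed, dklen=32, **SERVER_COST)

def new_seed() -> bytes:
    """Account creation: random seed the server sends to the client."""
    return secrets.token_bytes(16)

def register(username: str, seed: bytes, ph: bytes) -> None:
    """Account creation: store the seed and password_hash'(ph, seed), never ph."""
    DB[username] = (seed, server_hash(ph, seed))

def seed_for_login(username: str) -> bytes:
    """Login: stored seed, or a keyed hash of the username (assumed use),
    so an unknown name always gets the same seed back."""
    if username in DB:
        return DB[username][0]
    return hashlib.blake2b(username.encode(), key=SEED_KEY, digest_size=16).digest()

def verify_login(username: str, ph: bytes) -> bool:
    """Login: recompute password_hash'(ph, seed) and compare in constant time."""
    candidate = server_hash(ph, seed_for_login(username))
    if username not in DB:
        return False  # the hash above still ran, so the work done is the same
    return hmac.compare_digest(candidate, DB[username][1])
```

The value ph is password-equivalent on the wire, so this exchange still has to run over an authenticated, encrypted channel.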