Migrate to Argon2
Argon2 is a cool hash algorithm that is slowly becoming standard as it won PHC 2015. Compared to bcrypt:
- No limit to the input string (compared to 72 max from bcrypt), though we would still maintain a high enough limit for passwords that couldn't be cracked in lifetimes (512, maybe).
- The argon2-cffi library for Python provides clean ways to upgrade/downgrade the parameters of Argon2. This is important, considering we have moved elixire from hardware 1 to hardware 2 and so, parameter changes happen.
Proposal
- If we can't have a stable pattern for argon2/bcrypt hashes (pretty sure we can, so this split isn't necessary): split `user.password_hash` into `user.password_hash_bcrypt` and `user.password_hash_argon` (default null).
- When logging in, check if we need to run bcrypt or argon2 depending on the existing pattern OR which column isn't null (depending on the 1st point's solution).
- If we use bcrypt, then re-hash the given password under argon2 and set the password hash.
- If we use argon2, check if we need to upgrade parameters, re-hash and set the password hash.
- Business as usual.
This does not change v3 API, and, considering it is a full backend change, I'm also proposing for this to be developed and deployed in the current state of v3.
Edited by luna