Argon2
Argon2 password hashing for Elixir.
Argon2 is the official winner of the Password Hashing Competition, a several-year project to identify a successor to the Bcrypt / Pbkdf2 / Scrypt password hashing methods.
This library can be used on its own, or it can be used together with Comeonin, which provides a higher-level API.
Requirements
- Elixir version 1.4 or later
- Erlang / OTP version 18 or later
  - Erlang (< 20) needs to be built with the --enable-dirty-schedulers flag set
  - Erlang 20 has dirty schedulers enabled by default
- A C compiler, such as gcc
Dirty scheduler
As stated above, you need to build Erlang with dirty scheduler support to use this library. It relies on the dirty schedulers to handle long-running cryptography jobs, moving them off the main Erlang scheduler so that the Erlang VM stays responsive.
Installation
- Add argon2_elixir to your list of dependencies in mix.exs:

def deps do
  [{:argon2_elixir, "~> 1.3"}]
end

- Configure argon2_elixir - see the documentation for Argon2.Stats for more details
- Optional: during tests (and tests only), you may want to reduce the number of rounds so it does not slow down your test suite. If you have a config/test.exs, you should add:

config :argon2_elixir, t_cost: 2, m_cost: 8
Use
Most users will just need to use the hash_pwd_salt/2 and verify_pass/3 functions in the Argon2 module.
hash_pwd_salt generates a random salt and creates a hash from a password.
verify_pass takes a password and a stored hash and checks that the password is correct.
There is also a no_user_verify function which can be used to make user enumeration more difficult.
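The following login flow is an added example, not code from this library or its documentation. It shows the three functions working together: unknown users go through no_user_verify so both failure paths do comparable work and return the same error. The Demo.Accounts module, the in-memory map used as a user store and the sample credentials are hypothetical, and the code assumes a Mix project with argon2_elixir compiled as a dependency.

```elixir
defmodule Demo.Accounts do
  # Hypothetical in-memory user store (username => encoded Argon2 hash).
  # A real application would read the hash from its database instead.

  # Store only the output of hash_pwd_salt, never the password itself.
  # The salt is generated for us and is embedded in the returned hash.
  def register(users, username, password) do
    Map.put(users, username, Argon2.hash_pwd_salt(password))
  end

  # Returns {:ok, username} or {:error, :invalid_credentials}.
  # Both failure cases return the same error, so the caller cannot tell
  # "no such user" apart from "wrong password".
  def authenticate(users, username, password) do
    case Map.fetch(users, username) do
      {:ok, stored_hash} ->
        if Argon2.verify_pass(password, stored_hash) do
          {:ok, username}
        else
          {:error, :invalid_credentials}
        end

      :error ->
        # Unknown user: run a dummy hash so this branch takes about as
        # long as a real verification, then fail with the same error.
        Argon2.no_user_verify()
        {:error, :invalid_credentials}
    end
  end
end

# Constructed sample data for the demonstration.
users = Demo.Accounts.register(%{}, "alice", "correct horse battery staple")

IO.inspect(Demo.Accounts.authenticate(users, "alice", "correct horse battery staple"))
IO.inspect(Demo.Accounts.authenticate(users, "alice", "wrong password"))
IO.inspect(Demo.Accounts.authenticate(users, "mallory", "any password"))
```

The second and third calls fail with the same tuple; without the no_user_verify call, the third would return almost immediately and the response time alone would reveal which usernames exist.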
For more information about configuring Argon2, see the documentation for the Argon2.Base.hash_password function and the Argon2.Stats module.
For further information about password hashing and using Argon2 with Comeonin, see the Comeonin wiki.
Deployment
See the Comeonin deployment guide.
Contributing
There are many ways you can contribute to the development of this library, including:
- reporting issues
- improving documentation
- sharing your experiences with others
- making a financial contribution
Donations
You can support the ongoing maintenance of this project by making donations through Patreon.
Patreon, by default, will bill you on a monthly basis. If you prefer to make a one-off payment, see this guide.
License
Apache 2.0. Please read the argon2/LICENSE file for more details about the Argon2 license.