Argon2 Hash Generator
Generate Argon2id password hashes. Configure memory cost, iterations, and parallelism. The recommended password hashing algorithm. Free, client-side tool.
Frequently Asked Questions
What is Argon2?
Argon2 is a password hashing algorithm that won the 2015 Password Hashing Competition. It is designed to be resistant to both GPU-based and ASIC-based brute-force attacks by requiring configurable amounts of memory, CPU time, and parallelism. OWASP and NIST recommend Argon2id as the primary choice for hashing passwords in modern applications.
What is the difference between Argon2 and bcrypt?
Both are adaptive password hashing functions, but Argon2 adds memory-hardness as a defense against specialized hardware attacks. Bcrypt uses a fixed 4 KB of memory, making it vulnerable to massively parallel GPU cracking. Argon2 lets you require megabytes of RAM per hash, making large-scale attacks far more expensive. For new projects, Argon2id is the recommended choice.
What is Argon2id?
Argon2id is a hybrid variant that combines Argon2i (optimized against side-channel attacks) and Argon2d (optimized against GPU cracking). The first pass uses data-independent memory access (like Argon2i) and subsequent passes use data-dependent access (like Argon2d). This gives the best protection against both attack vectors and is the variant recommended by RFC 9106.
What are the recommended Argon2 parameters?
OWASP recommends Argon2id with a minimum of 19 MiB memory (m=19456), 2 iterations (t=2), and 1 degree of parallelism (p=1) for interactive login. For higher security, use 64 MiB memory with 3 iterations. The goal is to keep hashing time between 0.5 and 1 second on your production hardware. Always generate a unique random salt per password.
Is this tool free?
Yes. All KappaKit tools are free, run in your browser, and require no signup or account.