Git Product home page Git Product logo

argon2_elixir's Introduction

Argon2

Argon2 password hashing for Elixir.

Argon2 is the official winner of the Password Hashing Competition, a several year project to identify a successor to Bcrypt / Pbkdf2 / Scrypt password hashing methods.

This library can be used on its own, or it can be used together with Comeonin, which provides a higher-level api.

Requirements

  • Elixir version 1.4 or later
  • Erlang / OTP version 18 or later
    • Erlang (< 20) needs to be built with the --enable-dirty-schedulers flag set
    • Erlang 20 has dirty schedulers enabled by default
  • A C compiler, such as gcc

Dirty scheduler

As stated above, you need to build Erlang with dirty scheduler support to use this library, which relies on dirty scheduler support in order to handle long-running cryptography jobs, by moving them off the main Erlang scheduler and letting the dirty schedulers handle the work. This keeps the Erlang VM responsive.

Installation

  1. Add argon2_elixir to your list of dependencies in mix.exs:
def deps do
  [{:argon2_elixir, "~> 1.2"}]
end
  1. Configure argon2_elixir - see the documentation for Argon2.Stats for more details

  2. Optional: during tests (and tests only), you may want to reduce the number of rounds so it does not slow down your test suite. If you have a config/test.exs, you should add:

config :argon2_elixir,
  t_cost: 1,
  m_cost: 8

Use

Most users will just need to use the hash_pwd_salt/2 and verify_pass/3 functions in the Argon2 module.

hash_pwd_salt generates a random salt and creates a hash from a password.

verify_pass takes a password and a stored hash and checks that the password is correct.

There is also a no_user_verify function which can be used to make user enumeration more difficult.

For more information about configuring Argon2, see the documentation for the Argon2.Base.hash_password function and the Argon2.Stats module.

For further information about password hashing and using Argon2 with Comeonin, see the Comeonin wiki.

Deployment

See the Comeonin deployment guide.

License

Apache 2.0. Please read the argon2/LICENSE file for more details about the Argon2 license.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.