|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Request #75224 Allow for argon2id in password_hash
Submitted: 2017-09-18 13:46 UTC Modified: 2019-09-09 16:46 UTC
Avg. Score:4.7 ± 0.7
Reproduced:7 of 8 (87.5%)
Same Version:6 (85.7%)
Same OS:4 (57.1%)
From: phpdoc at mail dot my1 dot info Assigned: cmb (profile)
Status: Closed Package: *Encryption and hash functions
PHP Version: Next Minor Version OS: Win8.1 x64
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
Block user comment
Status: Assign to:
Bug Type:
From: phpdoc at mail dot my1 dot info
New email:
PHP Version: OS:


 [2017-09-18 13:46 UTC] phpdoc at mail dot my1 dot info
argon2i is pretty nice for password hashing, true but it has some problems with memory/computation tradeoffs, wouldnt it be epic to have argon2id in the next version (as PHP7.2 is already frozen) to have a hybrid which goes both against side channels and tradeoff attacks?

in fact the ietf draft for argon2 recommends using argon2id as default.


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2019-09-09 16:46 UTC]
-Status: Open +Status: Closed -Assigned To: +Assigned To: cmb
 [2019-09-09 16:46 UTC]
argon2id is supported as of PHP 7.3.0.
PHP Copyright © 2001-2020 The PHP Group
All rights reserved.
Last updated: Mon Aug 10 16:01:23 2020 UTC