Popularity
4.1
Growing
Activity
1.3
-
87
4
7

Programming language: Go
License: GNU General Public License v3.0 only
Tags: Security    
Latest version: v1.1.0

argon2pw alternatives and similar packages

Based on the "Security" category.
Alternatively, view argon2pw alternatives based on common mentions on social networks and blogs.

Do you think we are missing an alternative of argon2pw or a related project?

Add another 'Security' Package

README

argon2pw

GoDoc Build Status Go Report Card

Argon2 password hashing package with constant time hash comparison

Preface: Argon2 was selected as the winner of the Password Hashing Competition. Argon2 is ideal for deriving cryptographic keys from passwords.

This package utilizes the Argon2i hashing algorithm that is the side-channel resistant version of Argon2. It uses data-independent memory access, which is preferred for password hashing and password-based key derivation. Argon2i requires more passes over memory than Argon2id to protect from trade-off attacks.

The generated salted hash is ideal for persistent storage in a single column as a string and is future proof if time or memory parameters for argon2i change.

Additionally, argon2pw includes a function for password comparison in constant time to prevent timing attack vectors.

Usage:

package main
import "github.com/raja/argon2pw"

 func main() {
     // Generate a hashed password
     testPassword := `testPassword$x1w432b7^`
     hashedPassword, err := argon2pw.GenerateSaltedHash(testPassword)
     if err != nil {
         log.Panicf("Hash generated returned error: %v", err)
     }

     // Test correct password in constant time
     valid, err := argon2pw.CompareHashWithPassword(hashedPassword, testPassword)
     log.Printf("The password validity is %t against the hash", valid)

     // Test incorrect password in constant time
     valid, err = argon2pw.CompareHashWithPassword(hashedPassword, "badPass")
     log.Printf("The password validity is %t against the hash", valid)
 }