goArgonPass alternatives and similar packages
Based on the "Security" category.
Alternatively, view goArgonPass alternatives based on common mentions on social networks and blogs.
-
Lean and Mean Docker containers
Slim(toolkit): Don't change anything in your container image and minify it by up to 30x (and for compiled languages even more) making it secure too! (free and open source) -
age
A simple, modern and secure encryption tool (and Go library) with small explicit keys, no config options, and UNIX-style composability. -
-
-
-
-
Themis by Cossack Labs
Easy to use cryptographic framework for data protection: secure messaging with forward secrecy and secure data storage. Has unified APIs across 14 platforms. -
acra
Database security suite. Database proxy with field-level encryption, search through encrypted data, SQL injections prevention, intrusion detection, honeypots. Supports client-side and proxy-side ("transparent") encryption. SQL, NoSQL. -
ToRat
ToRat is a Remote Administation tool written in Go using Tor as a transport mechanism and RPC for communication -
-
dongle
A simple, semantic and developer-friendly golang package for encoding&decoding and encryption&decryption -
-
-
simple-scrypt
A convenience library for generating, comparing and inspecting password hashes using the scrypt KDF in Go ๐ -
go-peer
A software library for creating secure and anonymous decentralized systems. Confirmed by theoretical works โ "Theory of the structure of hidden systems", "Monolithic cryptographic protocol", "Abstract anonymous networks", "Decentralized key exchange protocol". -
goSecretBoxPassword
A probably paranoid Golang utility library for securely hashing and encrypting passwords based on the Dropbox method. This implementation uses Blake2b, Scrypt and XSalsa20-Poly1305 (via NaCl SecretBox) to create secure password hashes that are also encrypted using a master passphrase. -
go-generate-password
Password generator written in Golang, usable as a CLI or Go library. Provides options for human readable and accessibility friendly passwords. -
passwap
Package passwap provides a unified implementation between different password hashing algorithms. It allows for easy swapping between algorithms, using the same API for all of them. -
secureio
An easy-to-use XChaCha20-encryption wrapper for io.ReadWriteCloser (even lossy UDP) using ECDH key exchange algorithm, ED25519 signatures and Blake3+Poly1305 checksums/message-authentication for Go (golang). Also a multiplexer. -
WorkOS - The modern identity platform for B2B SaaS
* Code Quality Rankings and insights are calculated and provided by Lumnify.
They vary from L1 to L5 with "L5" being the highest.
Do you think we are missing an alternative of goArgonPass or a related project?
|
InfluxDB - Power Real-Time Data Analytics at Scale
sponsored
www.influxdata.com
|
Popular Comparisons
-
goArgonPassvsbeelzebub
-
autocertvslego
-
acmetoolvslego
-
garblevsgo-yara
-
argon2-hashingvspasslib
|
SaaSHub - Software Alternatives and Reviews
sponsored
www.saashub.com
|
README
goArgonPass
Travis:
Drone:
All hashing and crypto is done by Go library packages. This is only a utility package to make the process described easier.
Description
goArgonPass is a Argon2 Password utility package for Go using the crypto library package Argon2. Argon2 was the winner of the most recent Password Hashing Competition and doesn't suffer from issues that Bcrypt has such as truncating input over 72 characters. This is designed for use anywhere password hashing and verification might be needed and is intended to replace implementations using bcrypt or Scrypt. The string input/output format was designed to be compatible with Passlib for Python and Argon2 PHP, and you should have full compatibility using the argon2i function, but will not be able to use argon2id, which is the default for this pacakge until those libraries are updated to support it. I encourage you to find the parameters that work best for your application, but the defaults are resonable for an interactive use such as a web application login.
The default Argon2 function is Argon2id, which is a hybrid version of Argon2 combining Argon2i and Argon2d. Argon2id is side-channel resistant and provides better brute- force cost savings due to time-memory tradeoffs than Argon2i, but Argon2i is still plenty secure.
Argon2id variant with t=1 and maximum available memory is recommended as a default setting for all environments. This setting is secure against side-channel attacks and maximizes adversarial costs on dedicated bruteforce hardware.
Get Started
go get github.com/dwin/goArgonPass
See example/example.go:
import (
"fmt"
"os"
argonpass "github.com/dwin/goArgonPass"
)
func main() {
// Obtain user password from form or other input
userPassInput := "password"
// Hash with Default Parameters
hash, err := argonpass.Hash(userPassInput, nil)
if err != nil {
// Handle Error
os.Exit(1)
}
fmt.Println("Hash Output: ", hash)
// Verify Hash
err = argonpass.Verify(userPassInput, hash)
if err != nil {
fmt.Println("Hash verification error: ", err)
}
fmt.Println("Hash verified")
}
Output Format
$ argon2id$v=19$m=65536,t=1,p=4$in2Oi1x57p0=$FopwSR12aLJ9OGPw1rKU5K5osAOGxOJzxC/shk+i850=
$ argon2{function(i/id)}$v={version}$m={memory},t={time},p={parallelism}${salt(base64)}${digest(base64)}
Other Notes
Custom Parameters
Set Custom Parameters by passing ArgonParams{} to Hash().
| Parameter | Type | Default | Valid Range |
|---|---|---|---|
| Time | uint32 |
1 |
>= 1 |
| Memory | uint32 |
65536 |
>= 1024 |
| Parallelism | uint8 |
4 |
1-64 |
| OutputSize | uint32 |
16 |
16-64 |
| Function | ArgonVariant |
ArgonVariant2id |
ArgonVariant2id - ArgonVariant2i |
| SaltSize | uint8 |
16 |
16-64 |
type ArgonParams struct {
Time uint32
Memory uint32
Parallelism uint8
OutputSize uint32
Function ArgonVariant
SaltSize uint8
}