GenerateArgon2Hash()
Generates an Argon2 password hash. For new code, prefer Argon2Hash() which uses stronger OWASP-recommended defaults.
Introduced: 5.3.8.18
Requires Extension: Crypto Extension
GenerateArgon2Hash( input=string, variant=string, parallelismFactor=number, memoryCost=number, iterations=number );
Returns: String
| Argument | Description | Default |
|---|---|---|
|
input
string,
required
|
edit
Input string. |
|
|
variant
string,
optional
|
edit
Either Argon2i, Argon2d or Argon2id Introduced: 5.3.8.43 |
argon2i |
|
parallelismFactor
number,
optional
|
edit
Degrees of parallelism, a number between 1 and 10. |
1 |
|
memoryCost
number,
optional
|
edit
A number between 8 and 100000. |
8 |
|
iterations
number,
optional
|
edit
A number between 1 and 20. |
1 |
Usage Notes
editThis function is provided by the bundled argon2 extension and also by the crypto extension (which replaces it). It uses legacy defaults (argon2i, 8 KB memory, 1 iteration) which are weaker than current OWASP recommendations.
For new code, prefer Argon2Hash() which defaults to argon2id with 19 MB memory and 2 iterations. Existing code using GenerateArgon2Hash will continue to work — hashes created with either function can be verified by Argon2Verify().
Examples
edit// GenerateArgon2Hash is deprecated - use Argon2Hash() instead for OWASP-recommended defaults
// GenerateArgon2Hash uses weaker defaults (argon2i, 8 KB memory, 1 iteration) for backwards compatibility
password = "my-secret-password";
hash = GenerateArgon2Hash( password );
// Verify with Argon2CheckHash (also deprecated - use Argon2Verify)
isValid = Argon2CheckHash( password, hash ); // true
// Custom parameters: variant, parallelism, memoryCost (KB), iterations
hash = GenerateArgon2Hash( password, "argon2id", 1, 8192, 2 );
See also
- Cryptography
- Argon2CheckHash()
- Argon2Hash()
- Search Issue Tracker open_in_new
- Search Lucee Test Cases open_in_new (good for further, detailed examples)