GenerateArgon2Hash()
Generates an Argon2 password hash. For new code, prefer Argon2Hash() which uses stronger OWASP-recommended defaults.
Status:
Requires Extension: Crypto Extension
GenerateArgon2Hash( input=string, variant=string, parallelismFactor=numeric, memoryCost=numeric, iterations=numeric );
Returns: String
| Argument | Description | Default |
|---|---|---|
|
input
string,
required
|
edit
Input string. |
|
|
variant
string,
optional
|
edit
Either Argon2i, Argon2d or Argon2id |
argon2i |
|
parallelismFactor
numeric,
optional
|
edit
Degrees of parallelism, a number between 1 and 10. |
1 |
|
memoryCost
numeric,
optional
|
edit
A number between 8 and 100000. |
8 |
|
iterations
numeric,
optional
|
edit
A number between 1 and 20. |
1 |
Usage Notes
editOriginally provided by the Argon2 Extension on Lucee 5.3.8.18+ and 6.x, and now also by the Crypto Extension on Lucee 7+ (which replaces it).
It uses legacy defaults (argon2i, 8 KB memory, 1 iteration) which are weaker than current OWASP recommendations.
For new code, prefer Argon2Hash() which defaults to argon2id with 19 MB memory and 2 iterations. Existing code using GenerateArgon2Hash will continue to work — hashes created with either function can be verified by Argon2Verify().
Examples
edit// GenerateArgon2Hash is deprecated - use Argon2Hash() instead for OWASP-recommended defaults
// GenerateArgon2Hash uses weaker defaults (argon2i, 8 KB memory, 1 iteration) for backwards compatibility
password = "my-secret-password";
hash = GenerateArgon2Hash( password );
// Verify with Argon2CheckHash (also deprecated - use Argon2Verify)
isValid = Argon2CheckHash( password, hash ); // true
// Custom parameters: variant, parallelism, memoryCost (KB), iterations
hash = GenerateArgon2Hash( password, "argon2id", 1, 8192, 2 );
See also
- Cryptography
- Argon2CheckHash()
- Argon2Hash()
- Search Issue Tracker open_in_new
- Search Lucee Test Cases open_in_new (good for further, detailed examples)