18.3.0:
Changes:
- argon2.PasswordHasher's hash type is configurable now.
18.2.0:
Changes:
- The hash type for argon2.PasswordHasher is Argon2\ **id** now.
This decision has been made based on the recommendations in the latest Argon2 RFC draft <https://tools.ietf.org/html/draft-irtf-cfrg-argon2-03#section-4>_.
- To make the change of hash type backward compatible, argon2.PasswordHasher.verify() now determines the type of the hash and verifies it accordingly.
- Some of the hash parameters have been made stricter to be closer to said recommendations.
The current goal for a hash verification times is around 50ms.
- To allow for bespoke decisions about upgrading Argon2 parameters, it's now possible to extract them from a hash via the argon2.extract_parameters() function.
- Additionally argon2.PasswordHasher now has a check_needs_rehash() method that allows to verify whether a hash has been created with the instance's parameters or whether it should be rehashed.
