mirror of
https://github.com/google/nomulus
synced 2026-01-04 04:04:22 +00:00
b1266c95e8
We've previously been using Scrypt since PR #2191 which, while being a memory-hard slow function, isn't the optimal solution according to the OWASP recommendations. While we could get away with increasing the parallelization parameter to 3, it's better to just switch to the most-recommended solution if we're switching things up anyway. For the transition, we do something similar to PR #2191 where if the previous-algorithm's hash is successful, we re-hash with Argo2id and store that version. By doing this, we should not need any intervention for registrars who log in at any point during the transition period. Much of this PR, especially the parts where we re-hash the passwords in Argon2 instead of Scrypt upon login, is based on the code that was eventually removed in #2310.