How to use the command 'argon2' (with examples)
Argon2 is a command-line utility that allows you to calculate Argon2 cryptographic hashes. Argon2 is a password hashing algorithm that is resistant to both side-channel attacks and GPU cracking attacks, making it a strong choice for securely storing passwords. In this article, we will explore different use cases of the argon2
command and provide examples for each case.
Use case 1: Calculate a hash with a password and a salt with the default parameters
Code:
echo "password" | argon2 "salt_text"
Motivation: This use case allows you to calculate a hash using the default parameters of Argon2. This is useful when you don’t need to customize the iteration, memory usage, or parallelism of the hash calculation.
Explanation:
echo "password"
: This command is used to pass the password to theargon2
command. You can replace"password"
with the actual password you want to hash.argon2 "salt_text"
: This command calculates the Argon2 hash using the provided password and salt. Replace"salt_text"
with the actual salt you want to use.
Example output:
$ echo "password" | argon2 "salt_text"
Type: Argon2id
Iterations: 3
Memory: 4096 KiB
Parallelism: 1
Hash: cb9fd854f3946da97e7b4784cc3cd57d89312142f5b997e72fcbd8c581ead2c8
Encoded: $argon2id$v=19$m=4096,t=3,p=1$c2FsdF90ZXh0$y536VOOWaemXe0h4TMzVfYkxIUNbWZ-I_8vejFF63c4
Use case 2: Calculate a hash with the specified algorithm
Code:
echo "password" | argon2 "salt_text" -d|i|id
Motivation: This use case allows you to specify the algorithm you want to use for the Argon2 hash calculation. You can choose from argoni2d
, argon2i
, or argon2id
. This allows you to customize the security level and performance of the hash.
Explanation:
echo "password"
: This command is used to pass the password to theargon2
command.argon2 "salt_text"
: This command calculates the Argon2 hash using the provided password and salt. Replace"salt_text"
with the actual salt you want to use.-d|i|id
: This option allows you to specify the algorithm to be used. Choose eitherd
for Argon2d,i
for Argon2i, orid
for Argon2id.
Example output (using -id
option):
$ echo "password" | argon2 "salt_text" -id
Type: Argon2id
Iterations: 3
Memory: 4096 KiB
Parallelism: 1
Hash: cb9fd854f3946da97e7b4784cc3cd57d89312142f5b997e72fcbd8c581ead2c8
Encoded: $argon2id$v=19$m=4096,t=3,p=1$c2FsdF90ZXh0$y536VOOWaemXe0h4TMzVfYkxIUNbWZ-I_8vejFF63c4
Use case 3: Display the output hash without additional information
Code:
echo "password" | argon2 "salt_text" -e
Motivation: Sometimes, you may only want to retrieve the final hash without any additional information. This use case allows you to easily obtain the hash without any extra output.
Explanation:
echo "password"
: This command is used to pass the password to theargon2
command.argon2 "salt_text"
: This command calculates the Argon2 hash using the provided password and salt. Replace"salt_text"
with the actual salt you want to use.-e
: This option tells theargon2
command to display only the output hash without any additional information.
Example output:
$ echo "password" | argon2 "salt_text" -e
cb9fd854f3946da97e7b4784cc3cd57d89312142f5b997e72fcbd8c581ead2c8
Use case 4: Calculate a hash with given iteration [t]imes, [m]emory usage, and [p]arallelism parameters
Code:
echo "password" | argon2 "salt_text" -t 5 -m 20 -p 7
Motivation: This use case is useful when you want to explicitly set the iteration times, memory usage, and parallelism parameters for the Argon2 hash calculation. This allows you to fine-tune the security level and performance of the hash.
Explanation:
echo "password"
: This command is used to pass the password to theargon2
command.argon2 "salt_text"
: This command calculates the Argon2 hash using the provided password and salt. Replace"salt_text"
with the actual salt you want to use.-t 5
: This option sets the iteration times to 5. Adjust the value to suit your security requirements.-m 20
: This option sets the memory usage to 20 MiB. Increase or decrease the value based on the memory capacity of your system.-p 7
: This option sets the parallelism factor to 7. The higher the parallelism factor, the faster the hash calculation, but it may require more system resources.
Example output:
$ echo "password" | argon2 "salt_text" -t 5 -m 20 -p 7
Type: Argon2id
Iterations: 5
Memory: 20480 KiB
Parallelism: 7
Hash: 49d869ffb2ca97c999699a76bfb4480b95b2f5f13903eb6c18ec7198fb1f37a7
Encoded: $argon2id$v=19$m=20480,t=5,p=7$c2FsdF90ZXh0$Sdpv_7KclaOTmplr77RIC5Wy