OWASP 2025 recommends argon2id (memory-cost=64MB, time-cost=3) as best practice; bcrypt is still secure at cost=12 but truncates input at 72 bytes.
- Both are password hashing functions deliberately designed to be slow, unlike SHA-256/MD5, which are optimized to be FAST. bcrypt: battle-tested since 1999; the work doubles with each increment of the cost factor (saltRounds). Node.js: bcrypt.hash(password, 12). Argon2: winner of the 2015 Password Hashing Competition, with three variants: argon2d (GPU resistant), argon2i (side-channel resistant), argon2id (both, recommended).
- Parameters: memory-cost (RAM, default 64MB), time-cost (iterations), parallelism.
- Node.js: argon2.hash(password) with the argon2.argon2id variant.
- Comparison: argon2id resists GPU and side-channel attacks better than bcrypt; OWASP recommends argon2id (memory-cost=64MB, time-cost=3, parallelism=4). bcrypt truncates input at 72 bytes (bytes past the limit are silently ignored, so longer passwords gain no security from the extra characters); argon2 has no such limit.
- In practice for 2025: argon2id is the new best practice; bcrypt is still secure with a high enough cost factor and no passwords over 72 bytes.
- Migration: rehash with argon2id on the user's next login (verify against the stored bcrypt hash, rehash with argon2id, save the new hash): a zero-downtime migration.
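The login-time migration described above, as an added example that is not code from the original page: it assumes the npm packages bcrypt and argon2, a hypothetical user object with a passwordHash field, and a save callback supplied by the caller. It goes one step beyond the text by also rehashing argon2 hashes whose stored parameters fall below the target, not only bcrypt hashes.

```javascript
// Added example (not from the original page). Assumes the npm packages
// `bcrypt` and `argon2`; `user.passwordHash` and `save` are hypothetical.
const TARGET = { type: 'argon2id', memoryCost: 65536, timeCost: 3, parallelism: 4 }; // KiB, iterations, lanes

// Parse the PHC-style argon2 string: "$argon2id$v=19$m=65536,t=3,p=4$<salt>$<hash>".
function parseArgon2(hash) {
  const m = /^\$(argon2(?:id|i|d))\$v=(\d+)\$m=(\d+),t=(\d+),p=(\d+)\$/.exec(hash);
  if (!m) return null;
  return { type: m[1], version: +m[2], memoryCost: +m[3], timeCost: +m[4], parallelism: +m[5] };
}

// Decide whether a stored hash should be upgraded on the next successful login:
// legacy bcrypt ($2a$/$2b$/$2y$), an unknown format, or argon2 with a weaker
// variant or weaker parameters than TARGET.
function needsRehash(hash) {
  if (/^\$2[aby]\$/.test(hash)) return true;
  const p = parseArgon2(hash);
  if (!p) return true;
  return p.type !== TARGET.type
    || p.memoryCost < TARGET.memoryCost
    || p.timeCost < TARGET.timeCost
    || p.parallelism < TARGET.parallelism;
}

// Verify with whichever algorithm produced the stored hash (libraries loaded lazily).
async function verifyPassword(password, hash) {
  if (/^\$2[aby]\$/.test(hash)) return require('bcrypt').compare(password, hash);
  return require('argon2').verify(hash, password);
}

// Login-time migration: verify against the stored hash, then transparently
// rehash with argon2id at the target parameters and persist the new hash.
async function loginAndMigrate(user, password, save) {
  if (!(await verifyPassword(password, user.passwordHash))) return false;
  if (needsRehash(user.passwordHash)) {
    const argon2 = require('argon2');
    user.passwordHash = await argon2.hash(password, {
      type: argon2.argon2id,
      memoryCost: TARGET.memoryCost,
      timeCost: TARGET.timeCost,
      parallelism: TARGET.parallelism,
    });
    await save(user);
  }
  return true;
}
```

Users who never log in again keep their bcrypt hash, so track the remaining count of legacy hashes to know when the migration is actually finished.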
- Pitfall: await bcrypt.hash(password, 10) in CI tests slows the suite down noticeably; use bcrypt.hash(password, 1) or mock the hashing in unit tests.