Crypt::Passphrase::Argon2 - An Argon2 encoder for Crypt::Passphrase


version 0.003


This class implements an Argon2 encoder for Crypt::Passphrase. It is the recommended password encoder as of 2021.

The default settings are taken from the intermediate profile of libsodium's password hashing. You are highly encouraged to come up with your own settings: Crypt::Argon2 contains a argon2-calibrate tool to assist you in this.



This creates a new Argon2 encoder, it takes named parameters that are all optional. Note that some defaults are likely to change at some point in the future, as computers get progressively more powerful and cryptoanalysis gets more advanced.

  • memory_cost

    Maximum memory (in bytes) that may be used to compute the Argon2 hash. This currently defaults to 256 megabytes, but this number may change in any future version.

  • time_cost

    Maximum amount of time it may take to compute the Argon2 hash. This currently defaults to 3, but this number may change in any future version.

  • parallelism

    The number of lanes (and potentially threads) used for the hash. This defaults to 1, but this number may change in any future version.

  • output_size

    The size of a hashed value. This defaults to 16 bytes, increasing it only makes sense if your passwords actually contain more than 128 bits of entropy.

  • salt_size

    The size of the salt. This defaults to 16 bytes, which should be more than enough for any use-case.

  • subtype

    This choses the argon2 subtype. It defaults to argon2id, and unless you know what you're doing you should probably keep it at that. This may change in any future version (but is unlikely to do so unless argon2_id is cryptographically broken).

    • argon2id

      This is the default. It's a hybrid of argon2i and argon2d that largely combines the advantages of both.

    • argon2i

      This is optimized against timing attacks, but more vulnerable against other cryptographic attacks. It must not be used with a time_cost lower than 3.

    • argon2d

      This is optimized for resistance to GPU cracking attacks but not against timing based side-channel attacks.

Note: there is no wrong or right configuration, it all depends on your own particular circumstances. I recommend using the algorithm described in Crypt::Argon2 to pick the right settings for you.


This hashes the passwords with argon2 according to the specified settings and a random salt (and will thus return a different result each time).


This returns true if the hash uses a different cipher or subtype, or if any of the parameters is lower that desired by the encoder.


This class supports the following crypt types: argon2id, argon2i and argon2d.

verify_password($password, $hash)

This will check if a password matches an argon2 hash.


Leon Timmermans <>


This software is copyright (c) 2021 by Leon Timmermans.

This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.