Switch to Argon2id

[elliotwutingfeng]

Would you be open to switching to Argon2id over 100k iterations of PBKDF2? It would provide better protection for weaker vault passwords.

[paolostivanin]

Sure, I'll think about it. I need to check whether this enhancement is worth the time and effort. I may even think to make this customizable, but then it would require a DB change 🤔
No idea, let's see with what I will come up with.

[paolostivanin]

This change would require libgcrypt version >= 1.10.1 which cannot be found, for example, on Ubuntu <23.10 and openSUSE Leap <=15.5.
If I decide to implement this change, it will have to be configurable in order to support older distros.

[paolostivanin]

The switch to Argon2id will happen. I have yet to figure out some minor design things, but it will likely happens before end of summer.

[paolostivanin]

To-Do:

• switch to argon2id by default
• dynamically show parameters
• make db security configurable