Generate Argon2id, Argon2i and Argon2d password hashes with tunable memory, iterations and parallelism. Outputs the PHC encoded string and hex. Runs in your browser.
Supported Tools:
Generate Argon2id, Argon2i and Argon2d password hashes with tunable memory, iterations and parallelism. Outputs the PHC string and hex. Runs in your browser.
Argon2 is the winner of the 2015 Password Hashing Competition and the modern default for storing passwords. It is memory-hard, meaning it forces an attacker to spend large amounts of RAM per guess, which blunts GPU and ASIC cracking. It comes in three flavours: Argon2id (the recommended hybrid), Argon2i (data-independent) and Argon2d (data-dependent). This tool derives an Argon2 hash from a password and salt and returns both the raw hex and the self-describing PHC encoded string you can store directly. Everything is computed locally via WebAssembly.
Input:
password + salt, Argon2id (t=3, m=64MB, p=1)
Output:
$argon2id$v=19$m=65536,t=3,p=1$c29tZXNhbHQ$...
Which variant should I use?
Argon2id is the OWASP-recommended default because it resists both side-channel and GPU attacks. Use Argon2i only where data-independent addressing is required, and Argon2d rarely.
What parameters are safe?
A common baseline is 19 MiB or more of memory, a few iterations and parallelism of 1, tuned so a single hash takes a few hundred milliseconds on your hardware.
What is the encoded string?
It is the PHC format that stores the variant, version, parameters, salt and hash together, so verification needs only that single string.
Is my password sent anywhere?
No. The hash is computed locally in your browser with WebAssembly.