Password Hashing
At Descope, we ensure that user passwords are stored securely using modern, memory-hard hashing algorithms. We follow industry best practices to protect against brute-force and side-channel attacks.
What Algorithm We Use
Descope uses the Argon2id algorithm, as specified in RFC 9106. Argon2id combines the benefits of Argon2d and Argon2i to provide robust defense against both parallel and side-channel attacks.
Why Argon2id?
- Memory-hard: Increases cost for attackers using GPUs or ASICs.
- Side-channel resistant: Reduces exposure to timing and cache-based attacks.
- Modern & recommended: Winner of the Password Hashing Competition (PHC) and endorsed by modern cryptographic standards.
Configuration Parameters
Descope uses the “uniformly safe” parameter set recommended in RFC 9106, Section 4.2:
| Parameter | Value |
|---|---|
| Algorithm | Argon2id |
| Iterations (t) | 3 |
| Parallelism (p) | 4 lanes |
| Memory (m) | 64 MiB (2^16 KiB) |
| Salt length | 128 bits |
| Output length | 256 bits |
These parameters offer a strong baseline for secure password hashing across modern hardware.
Implementation Notes
- Salts are generated using a cryptographically secure random number generator.
- Password hashes are versioned internally to support future upgrades or rehashing.
- Plaintext passwords are never stored or logged at any stage.
Standards Alignment
Our use of Argon2id aligns with guidance from:
For more details on our security practices, refer to our Security & Compliance page.
For any questions about password security or compliance, please contact security@descope.com.