==== Select the correct Argon2 parameters

In general, the default values of the Argon2 library are considered safe. If you
need to change the parameters, you should note the following:

First, Argon2 comes in three forms: Argon2i, Argon2d and Argon2id.
Argon2i is optimized for hashing passwords and uses data-independent memory
access. Argon2d is faster and uses data-dependent memory access, making it
suitable for applications where there is no risk of side-channel attacks. +
Argon2id is a mixture of Argon2i and Argon2d and is recommended for most applications.

Argon2id has three different parameters that can be configured: the basic
minimum memory size (m), the minimum number of iterations (t) and the degree of
parallelism (p). +
The higher the values of m, t and p result in safer hashes, but come at the cost of higher
resource usage. There exist general recommendations that balance security and speed in an
optimal way.

Hashes should be at least 32 bytes long and salts should be at least 16 bytes long.

Next, the recommended parameters for Argon2id are:

[options="header",cols="a,a,a,a"]
|===
|Recommendation type |Time Cost |Memory Cost |Parallelism 
|Argon2 Creators
|1
|2097152 (2 GiB)
|4 
|Argon2 Creators
|3
|65536 (64 MiB)
|4 
|OWASP
|1
|47104 (46 MiB)
|1 
|OWASP
|2
|19456 (19 MiB)
|1 
|OWASP
|3
|12288 (12 MiB)
|1 
|OWASP
|4
|9216 (9 MiB)
|1 
|OWASP
|5
|7168 (7 MiB)
|1
|===