Crypto

Argon2 Hash Calculator | Argon2id, Argon2i & Argon2d

Calculate an Argon2 hash from a password or any string. Supports all three variants — Argon2id, Argon2i, and Argon2d — with OWASP-recommended memory cost and iteration presets. Everything runs in your browser, and nothing you enter is sent to a server.


Tips for Calculating an Argon2 Hash

  • Argon2 won the 2015 Password Hashing Competition, and Argon2id is OWASP's current recommended variant. Unless you have a specific reason not to, choose Argon2id.
  • The preset buttons offer the five memory-cost and iteration combinations recommended by the OWASP Password Storage Cheat Sheet. The more memory you allocate, the stronger the resistance to parallel GPU attacks.
  • Raising the "parallelism (p)" value does not actually run the WebAssembly implementation in parallel in your browser, so the calculation time barely changes. Speedups from parallelism only apply on multi-core server environments.
  • A new salt is generated automatically for every calculation, so the same text and parameters will still produce a different encoded hash each time.
  • Setting the memory cost extremely high can make your browser tab temporarily unresponsive. We recommend starting with a value in the tens of megabytes.

Frequently Asked Questions

For a system you are building from scratch, Argon2id is the first choice — OWASP now lists it as its top recommendation. If an existing system already uses BCrypt, keep in mind that migrating requires recomputing hashes (for example, re-hashing on the user's next login).

Argon2d offers the strongest resistance to GPU attacks but is more vulnerable to side-channel attacks, while Argon2i has the opposite trade-off. Argon2id is a hybrid of both designs, and it is the recommended default unless you have a specific reason to choose otherwise.

The preset buttons on this tool offer the five combinations recommended by the OWASP Password Storage Cheat Sheet. For production use, aim for settings where a single hash calculation takes roughly 100–500 ms, adjusting based on the memory available on your server.

Yes. Since this tool uses the standard Argon2 algorithm, the resulting hash can be verified directly with PHP's password_verify() or Argon2 verification libraries in other languages. Just be mindful of how you handle any sensitive input.

No. The hash is calculated entirely within your browser using WebAssembly, and none of your input is ever transmitted externally.
ツールくん

Side Note — The Password Hashing Competition and the Origins of Argon2

Argon2 was chosen as the winning algorithm from 24 submissions to the Password Hashing Competition (PHC), held between 2013 and 2015. It was designed to overcome a weakness shared by earlier schemes such as BCrypt (1999) and PBKDF2 (2000) — vulnerability to fast brute-force attacks using specialized hardware like GPUs and ASICs — by requiring a large amount of memory to compute.

Argon2 comes in three variants. Argon2d maximizes resistance to GPU-based attacks but is more exposed to side-channel attacks, while Argon2i is hardened against side-channel attacks at the cost of somewhat weaker GPU resistance. Argon2id is a hybrid that combines both properties, and it is now the first choice recommended for password storage by OWASP and many other security organizations.

Since PHP 7.2, generating an Argon2id hash is as simple as passing the PASSWORD_ARGON2ID constant to password_hash(). Official or semi-official libraries are also available for Node.js, Python, Ruby, and other major languages, and Argon2id is increasingly the default choice over BCrypt for storing passwords in newly built systems.