When I was browsing lianglee's (Arsalan Shah) github repository. This component caught the attention of my eye.
Is this thing still working or is it implemented in the core of OSSN 7?
I seen something similar in the OSSN Documentation:
•Argon2i is optimized to resist side-channel attacks. It accesses the memory array in a password independent order. (2015)
•bcrypt is a password-hashing function designed by Niels Provos and David Mazières, based on the Blowfish cipher and presented at USENIX in 1999.
Supported algorithms are md5 OSSN v5.x, bcrypt, argon2i. Default is bcrypt.
My question here is that can I simply switch my whole OSSN installation's hashing algorithm from bcrypt to Argon2i using this component and switch all the current users's passwords from bcrypt to Argon2i. Or if I installed the component only the new users will only use the Argon2i.
Note: I have 0% knowledge on about passwords.
Or is it still better to still use bcrypt than Argon2i? or Argon2i is better than bcrypt.
Note: As I mentioned earlier, I have no knowledge about the encryption of passwords.