hi,

a client has requested the use of the argon2 [1, 2] password hashing scheme. this can easily be added as an external provider. we do however require custom password policies, e.g. memory / parallelism cost as well as salt length. AFAIK there is no way to provide policy extensions using a provider interface?

would argon2 be a worthwhile contribution?

regards
roelof.

[1] https://github.com/P-H-C/phc-winner-argon2
[2] https://github.com/phxql/argon2-jvm