I’m afraid I still don’t understand this but don’t want to take up your time. It’s not an issue, I’m happy using SHA-256 or SHA-512. They do all I need.
I think the process behind the scenes is different depending on the mechanism selected. Argon requires some additional processes for verification rather than simply comparing a hashed string to one stored in your DB. The checkbox initiates that additional processing.
Thanks Ben. I figured that was probably the case. I think it appears more complex because there’s the checkbox. If Argon2 requires that to be checked, and the other hashes require it to not be checked, why not remove it and just have it as part of the process automatically?
The choice of Argon isn’t set in the project, it is a just choice of how the password is transformed and saved in the DB. There’s currently nothing in the project that could do this - you could read a password value from the DB but that would require one to be set. In addition you could have more than one Sec Provider, one for SHA512 and another for Argon so would then need multiple entries. I guess a checkbox is the simplest implementation found so far - perhaps, though they might find a better way. Most things seem to be getting a face-lift at the moment 
1 Like