devise-argon2
A devise-encryptable password encryptor that uses argon2
Why use Argon2?
Argon2 won Password Hashing Competition and offers additional security compared to the default bcrypt
by adding a memory cost. More info:
Usage
Assuming you have devise (>= 2.1) and the devise-encryptable plugin
set up in your application, add devise-argon2
to your Gemfile
and bundle
:
gem 'devise-argon2'
Then open up your devise configuration,config/initializers/devise.rb
and configure your encryptor to be argon2
:
# config/initializers/devise.rb
Devise.setup do |config|
# ..
config.encryptor = :argon2
# ...
end
It is also recommended to uncomment (or add) config.pepper
with a random
string that will be used in addition to the per-user password_salt
when hashing.
Contributing
- Fork it
- Create your feature branch (
git checkout -b my-new-feature
) - Commit your changes (
git commit -am 'Add some feature'
) - Push to the branch (
git push origin my-new-feature
) - Create new Pull Request
Copyright
Released under MIT License.