Comeonin is a specification for password hashing libraries.
For information about hashing passwords in your app, see Password hashing libraries.
Changes in version 5
In version 5.0, Comeonin now provides two behaviours, Comeonin and Comeonin.PasswordHash, which password hash libraries then implement.
With these changes, Comeonin is now a dependency of the password hashing library you choose to use, and in most cases, you will not use it directly.
See the UPGRADE_v5 guide for information about you can upgrade to version 5.
Password hashing libraries
The following libraries all implement the Comeonin and Comeonin.PasswordHash behaviours:
- Argon2 - argon2_elixir
- Bcrypt - bcrypt_elixir
- Pbkdf2 - pbkdf2_elixir
Argon2 is currently considered to be the strongest password hashing function, and it is the one we recommend.
Bcrypt and Pbkdf2 are viable alternatives, but they are less resistant than Argon2, to attacks using GPUs or dedicated hardware.
For more information, see Choosing a library.
See the Comeonin wiki for more information on the following topics:
- password hashing libraries
- including information about using Docker
There are many ways you can contribute to the development of Comeonin, including:
- reporting issues
- improving documentation
- sharing your experiences with others
- making a financial contribution
This software is offered free of charge, but if you find it useful and you would like to buy me a cup of coffee, you can do so through paypal.
BSD. For full details, please read the LICENSE file.