Passwords settings
To enable or disable passwords, update your configuration file:
config.yml
selfservice:
methods:
password:
enabled: true
BCrypt
Per default, passwords are hashed using BCrypt. You can configure the BCrypt hasher using the following options:
config.yml
hashers:
algorithm: bcrypt
danger
BCrypt has a maximum length of 72 bytes for passwords. If a longer password is attempted to be used, an error will be returned to the user.
Bcrypt algorithm can be configured only by the following cost
option (default value is 12):
config.yml
hashers:
bcrypt:
cost: 12
Argon2id
By default, Ory Identities uses BCrypt algorithm for password hashing. Use the following option to use the Argon2id algorithm:
config.yml
hashers:
argon2:
parallelism: 1
memory: 128MB
iterations: 3
salt_length: 16
key_length: 32
To determine the ideal parameters, head over to the setup guide.