Dear Bitwarden Employees,
So I have seen the post for “Switch to Argon2” post:
Chad Sharf did leave the following important remark:
As several of you have indicated the strong desire for Argon2 as an option in Bitwarden clients, we have accepted this as requested enhancement. There has also been an update to the related GitHub issue here: https://github.com/bitwarden/jslib/issues/52 .
I believe @michaelsmoody has created a fork for this process to get started already and any other collaborators I would encourage to group together on the effort, etc. Please provide any design discussions, decisions and roadblocks so the community and Bitwarden engineering team may assist as necessary. The framework that Kyle has created for KDF was intended to be able to be expanded to support more than a single algorithm.
We will absolutely accept a solid implementation of this feature if all PRs are presented together that meets quality standards and encompasses for each of the Bitwarden clients: Web, Browser, Desktop, CLI, and Mobile. Argon2 may not replace SHA256 as the default but should be an option to be configured by the user. Also, the license for any libraries used may not be GPL based.
Please feel free to post/ask any questions or concerns and thank you again for your support!
I wish to ask here if there has been any progress on the switch since March 21, 2020.
Based on Micheal S Moody’s last commit, he last committed to the project on March 21, 2020:
Are the Bitwarden employees still interested in completing this feature?
If so, I am happy to contribute. I already messaged Micheal S Moody about this, but I also wanted to ask the other Bitwarden Employees about this to see if they are still interested in this feature.
If so, my GPG public key can be found at: https://raiderhacks.com/gpg
I will take a look at Micheal S Moody’s work and give updates as to what I come up with as time goes on.
I thank the Bitwarden employees for any responses they send back to me.