id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
26635	"Clarify ""memory_cost"" of Argon2PasswordHasher differs from command line utility"	Si Feng	nobody	"The '''memory_cost''' doesn't seems to be consistent with the reference C implementation (https://github.com/P-H-C/phc-winner-argon2), where the '''m''' actually means ""Sets the memory usage of 2^N KiB

(default 12)"", not plain ""KiB"".  I observed the latter definition in '''argon2-cffi''' too and thus it could be due to that lib, but this is really confusing, as other libraries (for example, the Ruby binding) are consistent with the reference implementation.  The problem of this inconsistency is that the ""plain"" version is usually much bigger than the ""right"" version and since there is no way to distinguish between the two, once Django 1.10 is shipped, it would become really hard if it is decided to use the ""right"" version in the future."	Cleanup/optimization	closed	Documentation	dev	Normal	fixed		Bas Westerbaan	Accepted	0	0	0	0	0	0