# Any plan for an Argon2 version of wp-password-bcrypt?

**URL:** https://discourse.roots.io/t/any-plan-for-an-argon2-version-of-wp-password-bcrypt/11486
**Category:** plugins
**Created:** 2018-02-04T19:39:34Z
**Posts:** 4

## Post 1 by @TangRufus — 2018-02-04T19:39:34Z

With Argon2 added in PHP 7.2, any plan for an Argon2 version of wp-password-bcrypt?

Hail, all hail the roots team!

---

## Post 2 by @swalkinshaw — 2018-02-09T01:58:52Z

Well I suppose we could rename it, or just make another version. But I doubt we will to be honest. Argon2 is supposed to offer some advantages over bcrypt but I’m not sure how much it matters in reality. Any of Argon2, scrypt, or bcrypt is probably good enough.

My one personal slight knock on Argon2 is it’s not as old/battle tested as those other two.

But don’t listen to me, I’m not a security engineer :cold_sweat:

---

## Post 3 by @TangRufus — 2018-02-11T06:36:20Z

Then, I have to make my own…

For anyone who have a client insists on Argon2i and peppering, here is a work in progress plugin:

> **[TypistTech/wp-password-argon-two](https://github.com/TypistTech/wp-password-argon-two)**
>
> Contribute to wp-password-argon-two development by creating an account on GitHub.

Be warned: It is very different from wp-password-bcrypt. Migrating **to** wp-password-argon-two is usually “just work”.  
However, migrating **out from** wp-password-argon-two requires regenerating passwords for all users.

---

## Post 4 by @TangRufus — 2018-02-27T17:35:36Z

For anyone interested, v0.1.0 has published !!

Read the [project readme](https://github.com/TypistTech/wp-password-argon-two) before installing.