
Conversation

@JakeGinesin

OWASP recommends argon2id parameters that are lower than what is recommended by the standardizing RFC, RFC 9106.

Also, the text "These configuration settings provide an equal level of defense, and the only difference is a trade off between CPU and RAM usage" is wrong; modifying the memory parameter affects how parallelizable brute-force attacks are on the given hash digest, thereby affecting security.

@JakeGinesin changed the title from "Ffix argon2id parameter selection advice" to "Fix argon2id parameter selection advice" on Oct 24, 2025
@jmanico (Member) commented Oct 25, 2025

My take:

  • 2 GiB per hash means that authenticating even a few concurrent users (say, 20–50) could easily consume tens of gigabytes of RAM.
  • That’s suitable for high-security offline key derivation (e.g., password managers, master key encryption), but not for online login APIs.

Our resident expert here ( @Sc00bz ) may have other thoughts on this matter.

@jmanico (Member) left a comment

I think this is for key derivation, not password storage. Would like feedback from @Sc00bz before it's merged.

@randomstuff

FWIW, this is what is indicated in ASVS 5.0:

KDF       Reference   Required Parameters                  Status
argon2id  RFC 9106    t = 1: m ≥ 47104 (46 MiB), p = 1     A
                      t = 2: m ≥ 19456 (19 MiB), p = 1     A
                      t ≥ 3: m ≥ 12288 (12 MiB), p = 1     A
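
As an added example (not code from this thread, from OWASP, or from the ASVS project), the following Python checker encodes the ASVS 5.0 argon2id thresholds from the table above together with the structural limits RFC 9106 places on the parameters (t ≥ 1, 1 ≤ p ≤ 2^24 − 1, m ≥ 8·p KiB), and estimates the peak RAM that concurrent authentications would consume, which is the capacity concern raised in the earlier comment about a 2 GiB per-hash setting. The `Argon2Params` type, the function names, and the reading of the table's "p = 1" as a strict requirement are assumptions of this example; a real deployment would pass the chosen (t, m, p) to its argon2 library rather than to this code.

```python
"""Sanity checks for argon2id parameter choices (added example, not project code)."""
from dataclasses import dataclass
from typing import List

KIB = 1024
GIB = 1024 ** 3


@dataclass(frozen=True)
class Argon2Params:
    """Hypothetical container for the three argon2id cost parameters."""
    t: int       # time cost (number of passes)
    m_kib: int   # memory cost in KiB, the unit RFC 9106 and the ASVS table use
    p: int       # degree of parallelism (lanes)


def asvs_min_memory_kib(t: int) -> int:
    """Minimum memory the ASVS 5.0 table lists for argon2id at time cost t."""
    if t < 1:
        raise ValueError("time cost t must be at least 1")
    if t == 1:
        return 47104   # 46 MiB
    if t == 2:
        return 19456   # 19 MiB
    return 12288       # 12 MiB for t >= 3


def rfc9106_findings(params: Argon2Params) -> List[str]:
    """Structural constraints RFC 9106 places on the parameters, independent of policy."""
    findings = []
    if params.t < 1:
        findings.append("t must be >= 1")
    if not 1 <= params.p <= 2 ** 24 - 1:
        findings.append("p must be between 1 and 2^24 - 1")
    if params.m_kib < 8 * params.p:
        findings.append("m must be >= 8 * p KiB")
    return findings


def asvs_findings(params: Argon2Params) -> List[str]:
    """Reasons a parameter set fails the ASVS 5.0 table; empty list means it passes."""
    findings = rfc9106_findings(params)
    if findings:
        return findings                      # policy thresholds only make sense for valid input
    if params.p != 1:
        findings.append("ASVS table lists p = 1")
    minimum = asvs_min_memory_kib(params.t)
    if params.m_kib < minimum:
        findings.append(f"m = {params.m_kib} KiB is below the {minimum} KiB minimum for t = {params.t}")
    return findings


def meets_asvs(params: Argon2Params) -> bool:
    return not asvs_findings(params)


def peak_memory_bytes(params: Argon2Params, concurrent_logins: int) -> int:
    """RAM held while `concurrent_logins` hashes run at once (each hash needs m KiB)."""
    return params.m_kib * KIB * concurrent_logins


def max_concurrent_logins(params: Argon2Params, ram_budget_bytes: int) -> int:
    """How many hashes can run at once before exceeding a RAM budget."""
    return ram_budget_bytes // (params.m_kib * KIB)


if __name__ == "__main__":
    # Constructed sample settings: the ASVS t = 1 row, and a 2 GiB per-hash setting.
    asvs_t1 = Argon2Params(t=1, m_kib=47104, p=1)
    two_gib = Argon2Params(t=1, m_kib=2 * GIB // KIB, p=4)
    for name, params in (("asvs_t1", asvs_t1), ("two_gib", two_gib)):
        print(name, "ASVS findings:", asvs_findings(params))
        print(name, "peak RAM for 50 concurrent logins:",
              peak_memory_bytes(params, 50) // GIB, "GiB")
        print(name, "max concurrent logins in 16 GiB:",
              max_concurrent_logins(params, 16 * GIB))
```

Running the block shows the two sides of the thread side by side: the ASVS t = 1 row admits more than 350 concurrent authentications within 16 GiB, while the 2 GiB setting admits 8 and needs 100 GiB for 50 concurrent logins.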

@jmanico (Member) commented Nov 8, 2025

Unless @Sc00bz wishes to reopen this, I am politely closing this out. We already have done a great deal of research on this and I feel the suggestions here are not applicable to scalable password storage.

@jmanico closed this on Nov 8, 2025