Royce Williams

I agree with chick3nman here, and also think that it's inappropriate to tell him to stay out of the discussion, considering he is an official developer of this project (and...

So to restate what it sounds like the ask is: If I'm looking at my status output and I see that I have 38% progress when hashcat died or whatever,...

As long as the values are predictable / harvestable, separating them by attack type would be fine. Or are some of them based on dynamic variables?

Yep, that totally makes sense. Hot take: if there are a few _easy_ ways to detect multibyte, they could be added and throw the warning, and assume that a few...

That sounds like a good general solution!

I see the appeal somewhat, but the additional complexity may not be worth the benefit. The complexity of adding this on a per-hashtype basis is higher than it might appear,...

Are there any systems publicly known to be using Argon2? (Edit: @Sc00bz noted that there are seven (at this writing) noted here: https://pulse.michalspacek.cz/passwords/storages)

@indolering I didn't realize it was the PHP7 default. That's a pretty compelling argument for inclusion in hashcat, IMO.

PuTTY 0.75, released today (2021-05-08), now uses Argon2: > PuTTY's format for private key files has been updated. The new > format, PPK3, does not depend on SHA-1, and also,...

fscrypt, the Linux filesystem encryption management framework, uses Argon2id: https://github.com/google/fscrypt#features