While the current implementation using PBKDF2 is good for the current threat model, argon2 is more resistant towards GPU brute forcing attacks. Argon2 could thus increase security of encrypted pages.
However, since my use cases are well served by PBKDF2 hashing, this is not a top priority for me at the moment. If someone wants this to be implemented, you're welcome to submit a PR and we can work from there.
One question to think about is whether we should switch to argon2 for all hashing, or allow users to choose if they want to use PBKDF2 or argon2. Perhaps we could use different decryption templates (including different scripts) for the different hashing algorithms. This would add complexity, but could be useful for users who are OK with PBKDF2 and don't need argon2.
To implement this, these libraries might be useful:
While the current implementation using PBKDF2 is good for the current threat model, argon2 is more resistant towards GPU brute forcing attacks. Argon2 could thus increase security of encrypted pages.
However, since my use cases are well served by PBKDF2 hashing, this is not a top priority for me at the moment. If someone wants this to be implemented, you're welcome to submit a PR and we can work from there.
One question to think about is whether we should switch to argon2 for all hashing, or allow users to choose if they want to use PBKDF2 or argon2. Perhaps we could use different decryption templates (including different scripts) for the different hashing algorithms. This would add complexity, but could be useful for users who are OK with PBKDF2 and don't need argon2.
To implement this, these libraries might be useful:
Browser: https://github.com/antelle/argon2-browser Node.js https://github.com/ranisalt/node-argon2 Deno: Not sure, but since https://github.com/antelle/argon2-browser supports WASM, it might be able to run in Deno and similar environments.