If the Sodium extension is installed, Argon 2ID13 will be chosen as the Magento default hashing algorithm. Otherwise, SHA256 will be used.
The Sodium extension is a PHP extension that provides cryptographic functions. Argon 2ID13 is a password hashing algorithm that is considered to be more secure than SHA256.
If the Sodium extension is installed, Magento will use Argon 2ID13 as the default hashing algorithm for customer passwords. If the Sodium extension is not installed, Magento will use SHA256 as the default hashing algorithm.
Adobe Commerce uses secure hashing algorithms for customer passwords. As of the more recent updates, Adobe Commerce defaults to using the Argon2ID13 hashing algorithm, provided that the Sodium PHP extension is available. Argon2ID is considered a secure and modern hashing algorithm designed to protect against brute-force attacks.
If the Sodium extension is not available, Adobe Commerce falls back to using SHA256, which, while secure, is not as robust as Argon2ID13.
This functionality ensures that customer data is safeguarded with the highest level of security available based on the server configuration.
Additional Resources:
