Update the default strength for password encoders

[larsgrefer]

I propose to increase the default strength for some password encoders.

The BCrypt encoder currently uses 10 as default strength, with which it only takes ~80ms to encode a password (on my Early 2015 MacBook Pro). I think the default should be increased to (at least) 12.

The Argon2 encoder only needs ~40ms, so its defaults should be increased too.

The SCrypt encoder needs ~80ms with its default parameters.

[larsgrefer]

The Spring Security Reference Documentation says:

It is recommended that the "work factor" be tuned to take about 1 second to verify a password on your system.

[jzheaux]

Thanks, @larsgrefer for checking on this.

@rwinch do we have a hardware profile that we target when determining when to increase this? My concern would be if we bump the number up to early, lots of folks suddenly see password hashing taking quite a bit longer than 1 second.

[larsgrefer]

I've written a small test application and ran it on different systems: https://github.com/larsgrefer/password-encoder-tester

MacBook Pro (Early 2015, 2.7GHz i5)

BCryptPasswordEncoder : 98ms
SCryptPasswordEncoder : 81ms
Argon2PasswordEncoder : 19ms
Pbkdf2PasswordEncoder : 528ms

Hetzner CX30 Cloud Server (2.1GHz Intel Xeon)

BCryptPasswordEncoder : 129ms
SCryptPasswordEncoder : 117ms
Argon2PasswordEncoder : 29ms
Pbkdf2PasswordEncoder : 742ms

AMD FX6300 (8GB DDR3 RAM)

BCryptPasswordEncoder : 81ms
SCryptPasswordEncoder : 93ms
Argon2PasswordEncoder : 23ms
Pbkdf2PasswordEncoder : 597ms

Raspberry PI B (800MHz ARM)

BCryptPasswordEncoder : 1428ms
SCryptPasswordEncoder : 1929ms
Argon2PasswordEncoder : 1905ms
Pbkdf2PasswordEncoder : 17453ms

[rwinch]

Despite this being created first, I'm going to close this as a duplicate of gh-10506 in order to preserve the assignee