Is argon2 considered proven, battle tested, and ready for wide scale adoption? The wikipedia page on it is unclear. I don't think crypto people like to use things that are too new for that reason..
I think you misunderstood what I meant. To change the hash we use at Discourse we have to support both the old and new formats in the Discourse code (as well as any future formats).
I guess that is sort of true but it feels to me like security through obscurity. Just increase the work factor.
Definitely a neat idea, but it'd need to be a unique canary user per site.
That's fine, and overlap with bitcoin specific hardware is definitely bad, as in, there may be some monster hashing hardware out there. Do you have any links of where to buy it, numbers, etc? The main takeaway I have is "don't pick any password hash that remotely resembles what bitcoin uses" as that is a rich vein of madness.
This is covered several times in the post. Search for "there are two factors that go into password hash strength" if you don't believe me.