Oddbean new post about login | logout yeah, but there is probably some argon2 param sweet spot that makes it not worth it. There is less incentive when you could be pointing compute at leaked password dbs instead. Even those hold up for long periods of time.