> Kula uses Argon2id for password hashing. If you enable authentication, it is highly recommended to tune the Argon2 parameters (time, memory, threads) in config.yaml based on your hardware capabilities to increase resistance against cracking.
There is no reason to do this. Set them to sane defaults and set a minimum password length of 12 or 14 chars and stop trying to solve the wrong problem.
Honestly the sentence from the readme just sounds like a recommendation an LLM would make.
It is from LLM and some of the security features are overkill - I'm aware of that. These will be optional. I will also try to improve the readability of the README and move more detailed documentation to the wiki. Thanks for your opinions!