#431 introduced a very subtle, but unfortunate bug: by binding the number of threads used in the Argon2 hashing procedure, logins stop being portable between host machines with a different number of CPUs (e.g. when migrating from a host with a single CPU to a host with two CPUs, the hashing function would now pass different parameters to Argon2, creating a mismatch).
This should be fixed by doing the following:
introduce a new algo version for all newly created hashes that does use a fixed number of threads
allow overriding the value used by the buggy algo version by passing an env var so that operators can still migrate to hosts with a different number of CPUs, even if it's a little awkward