...

 

You should fine tune it to the actual deployment environment. 

We use a lot of Perl so I use this utility to calibrate it on a typical pod: https://metacpan.org/dist/Crypt-Argon2/view/script/argon2-calibrate

This is our current setup:

Y  => 'argon2id',  # type
P  => 2,               # threads
M  => '64M',        # mem
T  => 17,             # passes
SL => 128,          # salt len
TL => 128,          # tag len

takes about 2 secs on the LDAP pod, and 3-5 secs from the outside when you add our OUath2 server and all the network latency.