diff --git a/servers/slapd/pwmods/argon2.c b/servers/slapd/pwmods/argon2.c
index 68d4ad73cd..a9a19ee81d 100644
--- a/servers/slapd/pwmods/argon2.c
+++ b/servers/slapd/pwmods/argon2.c
@@ -29,11 +29,11 @@
 #include
 
 /*
- * For now, we hardcode the default values from the argon2 command line tool
- * (as of argon2 release 20161029)
+ * Use OWASP recommended values (retrieved on 2023-08-07)
+ * @see https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html
  */
-#define SLAPD_ARGON2_ITERATIONS 3
-#define SLAPD_ARGON2_MEMORY (1 << 12)
+#define SLAPD_ARGON2_ITERATIONS 2
+#define SLAPD_ARGON2_MEMORY 19456
 #define SLAPD_ARGON2_PARALLELISM 1
 #define SLAPD_ARGON2_SALT_LENGTH 16
 #define SLAPD_ARGON2_HASH_LENGTH 32
@@ -108,7 +108,7 @@ slapd_argon2_hash(
  /*
   * Do the actual heavy lifting
   */
- if ( argon2i_hash_encoded( iterations, memory, parallelism,
+ if ( argon2id_hash_encoded( iterations, memory, parallelism,
  passwd->bv_val, passwd->bv_len,
  salt.bv_val, salt_length, hash_length,
  p, encoded_length ) == 0 ) {
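Review bot: `SLAPD_ARGON2_MEMORY 19456` carries no unit, and the removed `(1 << 12)` at least hinted at a power-of-two count; the argon2 memory cost is given in KiB, so a trailing comment such as `/* KiB (19 MiB per hash) */` would save the next reader a lookup. The new default is nearly five times the old one (4096 to 19456), and that memory is needed for every hash or verify operation, so concurrent binds against argon2 passwords now cost correspondingly more. The module documentation should state the new defaults and include a sizing note for busy servers. The block comment could also say that the OWASP figures (19 MiB, 2 iterations, parallelism 1) are given for Argon2id, since they only match once the second hunk switches the hash call.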
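Review bot: In the second hunk, newly generated hashes will carry the `$argon2id$` prefix, but the verification function is outside this diff, so it cannot be confirmed from here that it dispatches on the prefix and still accepts stored `$argon2i$` values. If it does not, binds would fail after the upgrade, either for newly set passwords or for existing ones. A comment above the call, e.g. `/* Argon2id for new hashes; verification must keep accepting $argon2i$ for existing entries */`, and a test covering both prefixes would pin this down. Existing entries keep their old Argon2i parameters until the password is next changed, which the release notes should mention. The body of slapd_argon2_hash starts and ends outside the hunk.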