
Algorithms when using client side hashing plus server side hashing

Çağlar Arlı

So if I got this right from my intense research, the following procedure would be preferable:

Use the PBKDF2 key derivation function to derive a secret key from the user's password on the client side.

Take the derived key, which was generated using PBKDF2, hash that key with Argon2id on the server side, and store that hash in the database.

What I wonder now is, why do people typically recommend the key derivation function for creating some secret from a password? Could I not just use Argon2id on the client side to hash the password, then pass that hash to the server, and then hash that hash again with Argon2id to generate the final hash for the database?

What is so special about this key derivation? And can I not use Argon2 to derive a secret key as well, similar to PBKDF2?
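The two-stage procedure described in the question, as an added example that is not code from the post or from any library: PBKDF2 on the client, then a second salted, slow hash of the derived key on the server. It assumes a constructed service name and username for the client-side salt, and uses the standard library's hashlib.scrypt in the server-side step in place of Argon2id, because Python's standard library has no Argon2 (with argon2-cffi you would call its PasswordHasher there instead).

```python
import hashlib
import hmac
import os

# Work factors for this example (constructed; tune to your own hardware).
CLIENT_PBKDF2_ITERS = 600_000              # PBKDF2-HMAC-SHA256 iterations on the client
SERVER_SCRYPT = dict(n=2**14, r=8, p=1)    # scrypt stands in for Argon2id; 16 MiB per hash


def client_derive(password: str, username: str) -> bytes:
    """Client side: derive a 32-byte key from the password with PBKDF2.

    Before login the client has no server-chosen random salt, so the salt is
    a deterministic value bound to the service name and the username.  It is
    not secret; it only makes the derived key distinct per user and service.
    """
    salt = b"example.test:" + username.encode()   # constructed, hypothetical service name
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt,
                               CLIENT_PBKDF2_ITERS, dklen=32)


def server_enroll(client_key: bytes) -> dict:
    """Server side: the client key is a password-equivalent, so it is never
    stored raw.  Hash it again with a random per-user salt and a memory-hard
    KDF, and persist only salt + hash."""
    salt = os.urandom(16)
    digest = hashlib.scrypt(client_key, salt=salt, dklen=32, **SERVER_SCRYPT)
    return {"salt": salt, "hash": digest, "kdf": "scrypt"}


def server_verify(record: dict, client_key: bytes) -> bool:
    """Server side: recompute with the stored salt and compare in constant time."""
    digest = hashlib.scrypt(client_key, salt=record["salt"], dklen=32, **SERVER_SCRYPT)
    return hmac.compare_digest(digest, record["hash"])


def register_and_login(password: str, attempt: str, username: str = "alice") -> bool:
    """End-to-end run of the scheme for one user: enroll with `password`,
    then try to log in with `attempt`.  All values are constructed."""
    record = server_enroll(client_derive(password, username))
    return server_verify(record, client_derive(attempt, username))


if __name__ == "__main__":
    print(register_and_login("correct horse battery staple", "correct horse battery staple"))  # True
    print(register_and_login("correct horse battery staple", "Tr0ub4dor&3"))                  # False
```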