diff --git a/Notes-Scratch-Prose.md b/Notes-Scratch-Prose.md
index c4cafb9..3b03bfd 100644
--- a/Notes-Scratch-Prose.md
+++ b/Notes-Scratch-Prose.md
@@ -1,7 +1,8 @@
 # Notes
 ## Cryptographic Questions
-- are any of the sha digests biased or biasable?
-  - if so, try scrypt or even argon2id?
+- ~~are any of the sha digests biased or biasable?~~
+  - ~~if so, try scrypt or even argon2id?~~
+  - __switching to argon2id__
 - are the passphrase or salt settings too high? are they diminishing returns or even counterproductive?
   - if so, what are some more optimal settings?
 ## Implementation Questions
diff --git a/TODO.md b/TODO.md
index 3f9aff2..75594b4 100644
--- a/TODO.md
+++ b/TODO.md
@@ -1,6 +1,10 @@
+# TODO NEXT (urgent)
+- ditch sha256/512 for argon2id with some sensible settings
+  - sha256/512 is too fast to be robustly secure
+
 # TODO
 - 7zip compression encrypted/non-encrypted
-  - `.random_noise.bin` file in public output pre encrypted compress, filled with random binary, to break sig checks if they are in play
+  - `.$random_hidden_filename` file in public output pre encrypted compress, filled with secure random binary, to break sig checks if they are in play
 - helper txt
   - cmds to all-in-one hash checks?
   - script?