What is password hashing?
Password hashing is a one-way cryptographic process that converts a plaintext password into a fixed-length string of characters called a hash. It cannot be reversed: there is no computation that takes a hash and produces the original password. When a user logs in, the system hashes what they typed and compares it to the stored hash. A match grants access without the system ever storing or transmitting the actual password.
How it works
A plaintext password passes through a hashing algorithm that produces a unique output. Changing even a single character in the input produces a completely different hash. This property means stored hashes reveal nothing about the underlying passwords, even to someone with direct database access.
Common hashing algorithms
MD5 is a 128-bit algorithm developed in 1992. It was widely used for password storage but is now considered insecure due to vulnerability to collision and brute-force attacks. It should not be used in any current security application.
SHA-2 is a family of algorithms including SHA-256 and SHA-512, producing hash values of 256 or 512 bits respectively. SHA-2 variants are considered secure for password storage and digital signatures.
Bcrypt, developed in 1999, was built specifically for password hashing. It includes a built-in salting mechanism and adjustable complexity that can be increased as computing power grows, keeping it viable as hardware improves.
Scrypt, introduced in 2009, is memory-intensive by design. This makes it resistant to GPU and ASIC-based attacks, where attackers use specialized hardware to run hashing attempts at massive scale.
Argon2 won the Password Hashing Competition in 2015. It offers three variants (Argon2d, Argon2i, Argon2id) with different resistance profiles against side-channel and time-memory trade-off attacks. It is memory-hard and computationally intensive, making it the current recommended choice for new implementations.
Salting
Salting adds a unique random value to each password before hashing. Two users with identical passwords will produce entirely different hashes because their salts differ. This blocks rainbow table attacks, which rely on precomputed hash lookups, because a unique salt forces an attacker to recompute an entire table for every possible salt value, which is not feasible at scale.
Hashing vs. encryption vs. salting
Hashing is one-way. The original input cannot be recovered from the output. Encryption is reversible. Ciphertext can be decrypted back to plaintext using the correct key. Salting is not a standalone protection but an enhancement applied before hashing to prevent precomputation attacks.
Best practices for storing hashed passwords
Use bcrypt, scrypt, or Argon2 rather than MD5 or SHA-1. Apply a unique salt to every password before hashing. Use key stretching by configuring a high iteration count to slow down brute-force attempts. Store hashes and salts with strict access controls. Review and update hashing configurations regularly as hardware capabilities advance.
Limitations
Password hashing does not compensate for weak or reused passwords, which remain vulnerable to dictionary attacks regardless of the algorithm. It offers no protection against side-channel attacks or sufficiently resourced hardware-based attacks. Social engineering, phishing, and credential theft at the application layer bypass hashing entirely. As computing power increases, older algorithms become weaker, requiring periodic upgrades to maintain adequate resistance.
Role in breach mitigation
When a database is compromised, hashed passwords force attackers to crack each hash individually rather than reading credentials directly. Combined with salting and modern algorithms, this significantly raises the cost and time required to extract usable credentials, giving organizations a window to detect the breach, invalidate sessions, and prompt password resets before meaningful damage occurs.
