Password hashing is the process of converting a plaintext password into a one-way, irreversible value. Hashing protects stored passwords so attackers cannot easily recover the original text even if the database is compromised. Modern hashing algorithms incorporate salt values and computational hardness to resist brute-force attacks. Password hashing is a core responsibility in secure authentication systems. Systems should never store plaintext passwords under any circumstances.
How it works
When a user creates a password, the system generates a random salt and feeds it, together with the password, into a hashing algorithm. The result is stored along with the salt. On login, the system repeats the process with the stored salt and the submitted password, then compares the hashes. Algorithms like bcrypt, scrypt, and Argon2 intentionally slow down hashing to make attacks expensive. Password hashing differs from encryption because it cannot be reversed. Proper hashing protects user data even in serious breaches.