concept

Password Hashing

Password hashing is a cryptographic technique that transforms plain-text passwords into fixed-length, irreversible hash values using algorithms like bcrypt, Argon2, or PBKDF2. It is a fundamental security practice in software development to protect user credentials by ensuring passwords are not stored in plain text, making it difficult for attackers to retrieve original passwords even if the hash database is compromised. This process typically includes salting (adding random data) to defend against precomputed attacks like rainbow tables.

Also known as: Password Encryption, Password Salting, Cryptographic Hashing, Secure Password Storage, Pwd Hashing
🧊Why learn Password Hashing?

Developers should learn and use password hashing whenever handling user authentication in applications, such as web apps, mobile apps, or APIs, to comply with security best practices and regulations like GDPR or PCI DSS. It is critical for preventing data breaches, as weak or plain-text password storage can lead to unauthorized access and identity theft, especially in systems storing sensitive user information.

Compare Password Hashing

Password Hashing vs Plain Text PasswordsPassword Hashing vs Symmetric EncryptionPassword Hashing vs Password Managers

Learning Resources

📄
OWASP Password Storage Cheat Sheet
docs
📚
Crypto 101: Password Hashing
book
📝
How to Hash Passwords in Node.js with bcrypt
tutorial
🎬
Password Hashing Explained
video
🎓
Coursera: Cryptography I
course

Related Tools

AuthenticationBcryptArgon2Pbkdf2Security Best Practices

Alternatives to Password Hashing

Plain Text PasswordsSymmetric EncryptionPassword Managers