What Is Password Hashing (and Why Salting Matters)?
Password hashing converts a password into a fixed-length, irreversible hash before storing it, so the plaintext is never saved. A unique random salt is added to each password so identical passwords produce different hashes — defeating precomputed (rainbow-table) attacks. Done right, a database breach exposes only hashes that are expensive to crack.
This is the single most important thing to get right in authentication. Here's how it works and how to do it properly.
Why You Never Store Plaintext (or Encrypt) Passwords
If you store passwords as plaintext, a single database leak hands attackers every account instantly. So passwords must be hashed — transformed one-way so the original can't be recovered.
A key point: you should hash, not encrypt, passwords. Encryption is reversible, which means a stolen key exposes every password. Hashing has no key to steal and is irreversible by design. (See Hashing vs Encryption.)
At login, the system hashes the submitted password and compares it to the stored hash — it never needs the original.
How Salting Works
Plain hashing has a flaw: the same password always yields the same hash. Attackers exploit this with rainbow tables (precomputed hashes of common passwords) and by spotting users who share a password.
A salt fixes this — a unique random value mixed into each password before hashing:
hash("hunter2" + salt_A) = 9c1f... (user A)
hash("hunter2" + salt_B) = 4be8... (user B)
Same password, different stored hashes. Rainbow tables become useless because the attacker would need a separate table per salt. The salt isn't secret — it's stored alongside the hash — its job is uniqueness, not concealment.
Why Fast Hashes Like SHA-256 Are Wrong for Passwords
SHA-256 is a great general hash, but it's too fast for passwords. A modern GPU computes billions of SHA-256 hashes per second, so even salted SHA-256 falls to brute force for weak passwords.
Password hashing needs to be deliberately slow and resource-intensive. That's what purpose-built password hashers do:
| Algorithm | Why it's good |
|---|---|
| bcrypt | Adjustable "cost factor"; battle-tested for 20+ years |
| scrypt | Memory-hard — resists GPU/ASIC attacks |
| Argon2 | Modern winner of the Password Hashing Competition; tunable time + memory |
These automatically generate and embed a salt, and let you increase the work factor as hardware gets faster. Generate examples with our Bcrypt Generator and Argon2 Generator. For htaccess-based auth, the Htpasswd Generator produces bcrypt entries. Compare the two leaders in bcrypt vs Argon2.
A bcrypt Hash, Decoded
bcrypt packs everything into one string:
$2b$12$Gm9.../Kbq3...e
│ │ └ salt + hash
│ └ cost factor (2^12 = 4096 iterations)
└ algorithm version
Because the salt and cost are embedded, verification needs only the stored hash and the candidate password.
How Attackers Crack Weak Hashes
Even with hashing, weak setups fall:
- Unsalted or fast hashes (MD5/SHA-256): rainbow tables and GPU brute force.
- Low work factor: bcrypt with too low a cost is brute-forceable.
- Weak passwords: no algorithm saves "123456" — combine hashing with length requirements and breach-password checks.
The defense stack: a slow, salted hash + a sane work factor + strong password policies.
Frequently Asked Questions
What is a password hash? The irreversible output of running a password through a hashing algorithm, stored instead of the plaintext password so the original is never saved.
Why are passwords hashed instead of encrypted? Encryption is reversible — a stolen key exposes every password. Hashing has no key and can't be reversed, so it's safer for stored credentials.
What is salting and why does it matter? A salt is a unique random value added to each password before hashing. It ensures identical passwords get different hashes and defeats rainbow-table attacks.
What is the best password hashing algorithm? Argon2 is the modern recommendation; bcrypt is a proven, widely supported choice. Avoid fast hashes like MD5 or plain SHA-256.
Can a hashed password be cracked? Weak or unsalted hashes can be. A salted, slow hash (bcrypt/Argon2) with a high work factor makes cracking strong passwords impractical.
Related Reading
Get password hashing right and a breach becomes a manageable incident instead of a catastrophe: salt every password, use bcrypt or Argon2, and turn up the work factor as hardware improves.