Security

How Secure Password Hashing Works (Bcrypt, Argon2, Salting)

Learn the cryptographic concepts behind secure credential storage, the difference between hashing and encryption, and modern memory-hard key stretching algorithms.

The Critical Need for Hashing

In modern web development, storing passwords in plain text is a severe security failure. If a database is compromised, attackers gain immediate access to user credentials. Cryptographic hashing functions transform user passwords into a fixed-length string of characters, making it mathematically infeasible to reverse the operation and retrieve the original password.

Hashing vs. Encryption

It is common to confuse hashing with encryption, but they serve completely different purposes:

Salting and Peppering

Fast cryptographic hash algorithms like MD5 or SHA256 are no longer secure for passwords because attackers can pre-compute hashes for millions of common passwords, storing them in lookup tables known as Rainbow Tables.

To defend against rainbow table attacks, systems use a **Salt**:

A **Pepper** is similar to a salt, but instead of being stored in the database, it is stored securely in the application code or environment configuration, adding an extra layer of defense in case the database is leaked.

Modern Key Stretching Algorithms

Simple hashes can be computed billions of times per second on modern graphics cards (GPUs). To prevent brute-force attacks, security engineers developed algorithms that are intentionally slow and resource-intensive, known as key stretching algorithms:

  1. Bcrypt: Based on the Blowfish cipher, bcrypt includes a configurable "work factor" (rounds parameter) that exponentially increases the computational difficulty. It is CPU-bound.
  2. Scrypt: Designed to go further, scrypt is a memory-hard algorithm. It requires a specific amount of RAM to compute, making it highly resistant to hardware acceleration attacks using custom ASICs or GPUs.
  3. Argon2: The winner of the Password Hashing Competition (PHC) in 2015. It is the modern industry standard. It features adjustable parameters for time complexity (number of passes), memory utilization (RAM usage), and parallelism (number of CPU threads), providing optimal security against both GPU and ASIC brute-force attacks.