Password Hasher

What is Password Hashing?

Password hashing transforms a password into a fixed-size string of characters using a one-way cryptographic function. This makes it computationally infeasible to reverse the hashing process and recover the original password from its hash.

Why is Password Hashing Important?

Storing passwords in plain text is a major security risk. If a database containing plain text passwords is compromised, attackers can easily access user accounts. Password hashing mitigates this risk by ensuring that even if the database is compromised, the attacker will only have access to the password hashes, not the original passwords. The attacker would then have to attempt to 'crack' the hashes, which is a computationally intensive process that may not be successful, especially if strong hashing algorithms and salts are used.

Common Hashing Algorithms:

• MD5: A hashing algorithm that produces a 128-bit hash value. MD5 is now considered cryptographically broken and should not be used for password hashing.
• SHA-1: Similar to MD5, SHA-1 produces a hash value but has also been found vulnerable to attacks and is not recommended for new implementations.
• SHA-256 & SHA-512: Part of the SHA-2 family of hashing algorithms. SHA-256 and SHA-512 produce 256-bit and 512-bit hash values, respectively, and are considered more secure than MD5 and SHA-1.
• Bcrypt: A password hashing function based on the Blowfish cipher. Bcrypt incorporates a salt and is designed to be computationally expensive, making it resistant to brute-force attacks. Bcrypt is recommended for new password hashing implementations. See also Generate Random Passwords.

Salting:

A salt is a random string of characters added to the password before hashing. Salting prevents attackers from using precomputed tables of password hashes (rainbow tables) to crack passwords. Each password should have a unique salt.