Page 1 of 1

What is password hashing and salting?

Posted: Sat Dec 21, 2024 5:19 am
by sakib40
If you're comparing different password managers or researching password security , you'll quickly run into terms like hashing and salting. While these terms might sound like steps you take to make breakfast potatoes, they're actually processes that are essential to securing any online account.

This article explains what password hashing and salting mean, how they work, and why they're necessary.

Password hashing

Password skipping

How we secure passwords at Proton

Password hashing
Hashing is a way to scramble information into a fixed-length oman phone number data string of letters and numbers. You can take unencrypted information, be it a password, image, or entire book, and feed it into a hash function, which turns that information into a hash value with a specific number of characters. For example, SHA-256, one of the most common hash functions, always creates 256-bit (32-byte) hash values.


Image

Create your own hash values(new window)

Besides creating a fixed-length product, there are two other things that distinguish hashing from standard encryption. Hashing is:

Irreversible — You cannot “unhash” (or regenerate the original information) a hash value no matter what you do.
Deterministic — If you enter the same input information into a hash function, it will return the same hash value every time.
Unpredictable — It should be almost impossible to guess its resulting hash value for any given input information. In fact, if you can take a hash value and easily guess or create the input that would generate that hash value, then that hash function should be considered vulnerable and avoided.