


Definition
Hashing is the process of converting any input data into a fixed-length string of characters using a mathematical function. The same input always produces the same hash, but the original data cannot be recovered from the hash. Hashing is used for password storage, data integrity verification, and digital signatures.
A hash function takes an input of any size and produces a fixed-length output (the hash or digest). Key properties of cryptographic hash functions: deterministic (same input always gives same output), fast to compute, infeasible to reverse (cannot recover input from hash), small changes in input produce dramatically different output (avalanche effect), and collisions (different inputs producing the same hash) are extremely unlikely.
Common applications include: password storage (storing hashes instead of plaintext passwords), file integrity verification (comparing checksums to detect corruption or tampering), digital signatures (signing a hash of the message rather than the entire message), blockchain (proof-of-work mining, block linking), and content-addressable storage (Git uses SHA-1 hashes to identify every object).
For password hashing specifically, general-purpose hash functions (MD5, SHA-256) are not sufficient because they are too fast — attackers can try billions of guesses per second. Password-specific algorithms like bcrypt, scrypt, and Argon2 are deliberately slow and memory-intensive to make brute-force attacks impractical. These algorithms also incorporate salts (random data added to each password) to prevent rainbow table attacks.
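The contrast described above, as an added example that is not part of the original page: a fast unsalted SHA-256 digest beside a salted scrypt hash from Python's standard library. The function names, the sample password and the cost parameters are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os
from typing import Optional, Tuple

# Assumed cost parameters for illustration; tune them for your own hardware.
SCRYPT_N, SCRYPT_R, SCRYPT_P = 2**14, 8, 1
MAXMEM = 64 * 1024 * 1024  # allow scrypt up to 64 MiB of working memory


def fast_unsalted(password: str) -> str:
    """Weak form: a single fast SHA-256 pass with no salt."""
    return hashlib.sha256(password.encode()).hexdigest()


def hash_password(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Return (salt, digest) from scrypt; a fresh random salt is drawn per password."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.scrypt(password.encode(), salt=salt, n=SCRYPT_N,
                            r=SCRYPT_R, p=SCRYPT_P, maxmem=MAXMEM, dklen=32)
    return salt, digest


def verify_password(password: str, salt: bytes, expected: bytes) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    _, candidate = hash_password(password, salt)
    return hmac.compare_digest(candidate, expected)


if __name__ == "__main__":
    pw = "hunter2"  # constructed sample password

    # Two users with the same password get identical unsalted digests,
    # so one precomputed table entry matches both of them.
    print("sha256 user A:", fast_unsalted(pw))
    print("sha256 user B:", fast_unsalted(pw))

    # With per-password salts the stored values differ for the same password.
    salt_a, hash_a = hash_password(pw)
    salt_b, hash_b = hash_password(pw)
    print("scrypt user A:", salt_a.hex(), hash_a.hex())
    print("scrypt user B:", salt_b.hex(), hash_b.hex())

    print("correct password verifies:", verify_password(pw, salt_a, hash_a))
    print("wrong password verifies:  ", verify_password("hunter3", salt_a, hash_a))
```

Store the salt next to the digest; it is not secret, it only has to be unique per password.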