
Password Hashing: bcrypt and Argon2

Why password storage needs slow, memory-hard functions instead of fast general-purpose hashes.


The Wrong Tool

General hashes like SHA-256 are designed to be fast, which is exactly wrong for passwords. An attacker who steals a database can try billions of guesses per second against a fast hash.

Deliberate Slowness

Password hashing functions are built to be slow and tunable. A cost factor lets defenders raise the work per guess as hardware improves.

  • bcrypt uses a configurable cost factor and a built-in salt.
  • Argon2 adds memory hardness, forcing each guess to use a large amount of RAM.
  • scrypt is an earlier memory-hard option.

Why Memory Hardness

Attackers use specialized hardware to parallelize fast hashes cheaply. By demanding large memory per attempt, Argon2 makes such hardware far more expensive, narrowing the attacker advantage.

Practical Advice

Pick Argon2 for new systems where supported, or bcrypt as a solid widely available choice. Never roll your own, and tune the cost so a single verification takes a noticeable fraction of a second.
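The following is an added example, not code from this lesson. It shows the tunable-cost and memory-hardness ideas from the "Deliberate Slowness" and "Why Memory Hardness" sections, and the "tune the cost" advice above, using scrypt from the Python standard library (`hashlib.scrypt`) because bcrypt and Argon2 need third-party packages; the same record-then-verify pattern applies to those. The cost values, salt length and record format are constructed for illustration, not recommendations taken from the lesson.

```python
"""Added example: a scrypt-based password store with a tunable cost factor.
Standard library only (hashlib.scrypt), so it runs offline. Parameter values
are constructed for illustration, not taken from the lesson."""
import base64
import hashlib
import hmac
import os
import time

# Constructed default cost parameters (assumption for this example).
# scrypt touches 128 * r * n bytes per guess, so n=2**14, r=8 needs ~16 MiB.
DEFAULT_N, DEFAULT_R, DEFAULT_P = 2 ** 14, 8, 1
SALT_BYTES = 16
KEY_BYTES = 32


def scrypt_memory_bytes(n: int, r: int) -> int:
    """RAM every single guess must touch; this is what makes the function memory-hard."""
    return 128 * r * n


def _maxmem(n: int, r: int) -> int:
    # Headroom above the theoretical footprint so OpenSSL does not refuse the call.
    return 2 * scrypt_memory_bytes(n, r) + 2 ** 20


def hash_password(password: str, n: int = DEFAULT_N, r: int = DEFAULT_R, p: int = DEFAULT_P) -> str:
    """Return a self-describing record: algorithm, cost parameters, salt, derived key.
    Storing the parameters lets you raise the cost later without breaking old records."""
    salt = os.urandom(SALT_BYTES)  # fresh random salt per password
    key = hashlib.scrypt(password.encode("utf-8"), salt=salt, n=n, r=r, p=p,
                         maxmem=_maxmem(n, r), dklen=KEY_BYTES)
    return "$scrypt$n={},r={},p={}${}${}".format(
        n, r, p,
        base64.b64encode(salt).decode("ascii"),
        base64.b64encode(key).decode("ascii"),
    )


def verify_password(password: str, record: str) -> bool:
    """Recompute the key with the parameters stored in the record, compare in constant time."""
    try:
        _, algo, params, salt_b64, key_b64 = record.split("$")
    except ValueError:
        return False  # malformed record
    if algo != "scrypt":
        return False
    cost = dict(kv.split("=") for kv in params.split(","))
    n, r, p = int(cost["n"]), int(cost["r"]), int(cost["p"])
    salt = base64.b64decode(salt_b64)
    expected = base64.b64decode(key_b64)
    actual = hashlib.scrypt(password.encode("utf-8"), salt=salt, n=n, r=r, p=p,
                            maxmem=_maxmem(n, r), dklen=len(expected))
    return hmac.compare_digest(actual, expected)


def choose_n(target_seconds: float, r: int = DEFAULT_R, p: int = DEFAULT_P, max_n: int = 2 ** 20) -> int:
    """Double n until one hash on this machine takes at least target_seconds.
    This is the 'tune the cost' step: re-run it when hardware gets faster."""
    n = 2 ** 10
    while n < max_n:
        start = time.perf_counter()
        hash_password("benchmark-only", n=n, r=r, p=p)
        if time.perf_counter() - start >= target_seconds:
            break
        n *= 2
    return n


def guesses_per_second(hash_fn, seconds: float = 0.5) -> float:
    """Rough single-core guess rate for a hash function, to contrast fast vs slow designs."""
    count, start = 0, time.perf_counter()
    while time.perf_counter() - start < seconds:
        hash_fn("guess-%d" % count)
        count += 1
    return count / (time.perf_counter() - start)


if __name__ == "__main__":
    record = hash_password("correct horse battery staple")
    print(record)
    print("verify correct:", verify_password("correct horse battery staple", record))
    print("verify wrong:  ", verify_password("Tr0ub4dor&3", record))
    print("memory per guess at default cost: %d MiB" % (scrypt_memory_bytes(DEFAULT_N, DEFAULT_R) // 2 ** 20))
    print("n for ~0.25 s per verification here:", choose_n(0.25))
    fast = guesses_per_second(lambda s: hashlib.sha256(s.encode()).hexdigest())
    slow = guesses_per_second(lambda s: hash_password(s, n=2 ** 10))
    print("guesses/s sha256: %.0f   scrypt(n=2^10): %.0f" % (fast, slow))
```

Running the script prints a record such as `$scrypt$n=16384,r=8,p=1$<salt>$<key>`, then the per-guess memory, the `n` that reaches roughly a quarter second on the current machine, and a side-by-side guess rate for SHA-256 versus scrypt at a deliberately low cost. The parameters live inside the record so that `choose_n` can be re-run later and new passwords stored at a higher cost while old records still verify; the comparison uses `hmac.compare_digest` so verification time does not leak how many bytes matched.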

Key idea

Passwords must be stored with deliberately slow, memory-hard functions like Argon2 or bcrypt, whose tunable cost defeats the billions of fast guesses per second that general-purpose hashes would allow.

Check yourself


1. Why are fast hashes bad for passwords?

2. What does Argon2 add that bcrypt lacks by design?

3. What should you tune in a password hash?