As a web developer, you must have come across the term password hashing at least once. Let us quickly understand what password hashing is and why we need it.
What is Password Hashing?
Password hashing is the process of running a user's password through a one-way function before storing it in a database. The transformation is one-way: a password, once hashed, cannot be decrypted back to its original text value.
Why do we need to Hash Passwords?
Password hashing has become extremely important today. Assume a scenario where your database gets hacked and all the details of your users are exposed to the hacker. If the passwords are stored as plain text, the hacker will have access to all of your data and every user's password.
How to hash passwords?
Password hashing is usually done with a dedicated hashing algorithm. Bcrypt is one of the most widely used password hashing functions. A useful property of bcrypt, and of hashing in general, is that the length of a hash is known in advance, so all the password fields in your table have the same length. To verify a password on login, the submitted password is hashed and the resulting hash value must match the value in the records. The hashing is deliberately slow, which really helps against brute-force attacks.