Password Hashing (bcrypt/argon2)
The practice of transforming passwords into irreversible hashes using intentionally slow, memory-hard algorithms to protect credentials at rest.
Description
Password hashing is the security practice of storing passwords as one-way cryptographic hashes rather than plaintext or reversible encrypted forms. Unlike general-purpose hash functions (SHA-256, MD5) that are designed for speed, password hashing algorithms are intentionally slow and resource-intensive, making brute-force and dictionary attacks computationally expensive. The leading algorithms are bcrypt (widely supported, based on the Blowfish cipher), argon2id (winner of the Password Hashing Competition, recommended by OWASP), and scrypt (memory-hard alternative).
Each algorithm incorporates a unique salt per password (preventing rainbow table attacks) and a configurable work factor that controls computational cost. Bcrypt uses a cost parameter (recommended: 12+) that exponentially increases hashing time. Argon2id allows tuning three parameters: time cost (iterations), memory cost (KiB of memory used), and parallelism (number of threads). OWASP recommends argon2id with a minimum of 19 MiB memory, 2 iterations, and 1 degree of parallelism, though these should be tuned so that one hash takes approximately 200-500ms on your production hardware.
The hashing function output includes the algorithm identifier, parameters, salt, and hash in a self-describing format (e.g., $2b$12$... for bcrypt, $argon2id$v=19$m=65536,t=3,p=4$... for argon2id). This allows the application to verify passwords and detect when rehashing is needed due to parameter upgrades. Implement transparent rehashing on login: when a user authenticates successfully with an older hash format or weaker parameters, rehash their password with the current algorithm and parameters. Never log passwords, use timing-safe comparison functions, and enforce minimum password length (8+ characters) alongside hashing.
Prompt Snippet
Use argon2id via the argon2 npm package (or bcrypt as fallback) for password hashing. Configure argon2id with memoryCost: 65536 (64 MiB), timeCost: 3, parallelism: 4, hashLength: 32. Benchmark on production hardware to target 200-500ms per hash. Store the full encoded hash string ($argon2id$v=19$m=65536,t=3,p=4$...) in a VARCHAR(255) column. Use argon2.verify() with timing-safe comparison. Implement transparent rehashing: on successful login, check if the stored hash uses outdated parameters and rehash with current settings. Add a password_hash_version column to track algorithm migrations from legacy bcrypt.
Related Terms
Password Policy Enforcement
Server-side enforcement of password requirements including minimum length, complexity, breach database checks, and history to prevent weak or compromised passwords.
Brute Force Protection
A set of defense mechanisms that detect and block automated high-volume authentication attempts aimed at guessing credentials through exhaustive trial.
Account Lockout Policy
A security policy that temporarily or permanently disables an account after a defined number of consecutive failed authentication attempts to prevent brute-force attacks.
Multi-Factor Authentication (MFA)
An authentication method requiring users to provide two or more verification factors from different categories (knowledge, possession, inherence) to gain access.