What is Password Hashing?

Storing passwords in plaintext is one of the most dangerous practices in software development. When a database is breached, plaintext passwords are immediately usable for account takeover — not just on the breached service, but on every other service where users reused the same password. Password hashing replaces plaintext storage with irreversible digests that can verify a password attempt but cannot be reversed to recover the original password.

Not all hash functions are suitable for passwords. General-purpose hash functions like SHA-256 are too fast — modern GPUs can compute billions of SHA-256 hashes per second, making brute-force attacks trivial. Password hashing algorithms are deliberately designed to be slow, requiring significant CPU time, memory, or both for each hash computation. This slowness is configurable through parameters like iteration count (PBKDF2), cost factor (bcrypt), or memory and parallelism settings (Argon2).

The evolution of password hashing reflects the arms race between defenders and attackers. PBKDF2 (2000) added configurable iteration count. bcrypt (1999) introduced a fixed memory requirement that resists GPU acceleration. scrypt (2009) added configurable memory-hardness. Argon2 (2015), the winner of the Password Hashing Competition, offers tunable CPU time, memory, and parallelism. Each generation addresses new attack capabilities, and the choice depends on the deployment environment and threat model.

How Vaulted uses Password Hashing

Vaulted does not store user passwords because it has no user accounts. However, password hashing principles directly inform its passphrase protection feature. When a user sets a passphrase on a secret, PBKDF2 — a password hashing algorithm — is used to derive a key from the passphrase. The deliberate slowness of 100,000 PBKDF2 iterations makes brute-force passphrase guessing impractical, protecting the wrapped key even if an attacker obtains the ciphertext and salt.