T
passwords hashing argon2 bcrypt scrypt security

Password Hashing Standards: Why Argon2, Bcrypt, and Scrypt Matter

Learn how to store passwords securely. Compare Argon2, bcrypt, scrypt, and PBKDF2, and understand why simple hashes like MD5 are no longer enough.

2026-04-11

Password Hashing Standards: Why MD5 and SHA-256 Are Not Enough

If you are a developer, one of your most sacred responsibilities is protecting user passwords. Storing passwords in plain text is an obvious disaster, but many developers still make the mistake of using "fast" cryptographic hashes like MD5 or even SHA-256 for password storage.

This guide explains why those methods are broken and what the current industry standards are for secure password hashing.

1. The Problem with "Fast" Hashes

Algorithms like MD5, SHA-1, and SHA-256 were designed to be fast. They are meant to verify the integrity of large files in milliseconds.

While speed is great for file checks, it is a nightmare for passwords. A modern GPU can compute billions of SHA-256 hashes per second. If an attacker steals your database of SHA-256 hashed passwords, they can use "brute force" to guess almost every simple password in a matter of hours.

2. Modern Slow Hashing Algorithms

To defeat brute-force attacks, we use algorithms specifically designed to be computationally expensive. These are "adaptive" hashes that allow you to increase the "work factor" as hardware gets faster.

Argon2: The Gold Standard

Argon2 won the Password Hashing Competition in 2015 and is currently the recommended standard by OWASP and NIST.

  • Argon2id: This is the preferred variant. It is resistant to both GPU-based cracking and side-channel attacks.
  • Configurable: You can tune the memory usage, iterations, and parallelism to ensure that hashing one password takes, for example, 500ms on your server.

bcrypt: The Battle-Tested Classic

Developed in 1999, bcrypt is one of the most widely used and trusted algorithms in history.

  • Work Factor: It uses a "cost" parameter. Every time you increment the cost by 1, the time it takes to hash the password doubles.
  • Still Secure: Despite its age, bcrypt remains highly secure against modern attacks.

scrypt: The Memory-Hard Pioneer

scrypt was the first major algorithm to introduce "memory hardness." It requires a significant amount of RAM to compute, making it extremely expensive for attackers to build specialized hardware (ASICs) to crack it.

3. Beyond the Algorithm: Salt and Pepper

Even with a strong algorithm, you need extra layers of protection.

The Salt: Defeating Rainbow Tables

A Salt is a random string added to the password before hashing.

  • Why: Without a salt, if two users have the same password ("password123"), they will have the same hash. An attacker can use "Rainbow Tables" (precomputed lists of hashes) to crack them instantly.
  • Rule: Every user must have a unique, random salt generated at the time of account creation.

The Pepper: The Secret Layer

A Pepper is similar to a salt, but instead of being stored in the database, it is stored in a secure configuration file or a Hardware Security Module (HSM).

  • Why: If an attacker steals your database but not your application's secret keys, they still cannot crack the hashes because they don't know the pepper.

4. Best Practices for Developers

  1. Never use MD5 or SHA-1: They are completely broken for security.
  2. Avoid plain SHA-256: It is too fast and easily cracked by GPUs.
  3. Choose Argon2id or bcrypt: Use Argon2id for new projects; bcrypt is a solid alternative with excellent library support.
  4. Tune your Work Factor: Aim for a hashing time between 250ms and 500ms. This is fast enough for a human to wait for a login, but slow enough to stop an attacker.
  5. Always Salt: Most modern libraries (like bcrypt in Node.js or Python) handle salting automatically.

Summary Comparison

Algorithm Type Memory-Hard Recommended
MD5 Fast Hash No ❌ NEVER
SHA-256 Fast Hash No ❌ NO (for passwords)
PBKDF2 Slow Hash No ⚠️ Legacy only
bcrypt Slow Hash No ✅ YES
scrypt Slow Hash Yes ✅ YES
Argon2id Slow Hash Yes 🏆 BEST

Conclusion

Protecting passwords isn't just about picking a random algorithm; it's about using tools designed to withstand the raw power of modern hardware. By using Argon2id with a proper salt and work factor, you are providing your users with the highest level of security available today.

Need to test a hash or generate a secure password for your own accounts? Check out our Password Generator Tool and Hash Generator to keep your data safe.

Back to Blog