Why should passwords be hashed rather than encrypted in a database?
One-way hashing: encryption is reversible by anyone who obtains the key (a single point of failure), whereas a hash cannot be reversed. You store only the hash and verify a login by hashing the submitted password and comparing the result.
What is the purpose of a per-password salt?
Salt: a unique random value combined with each password before hashing. It ensures two users with the same password get different hashes and renders precomputed rainbow-table attacks useless.
Why are fast hashes like MD5 or SHA-256 bad for password storage?
Fast hash problem: general-purpose hashes are designed to be fast, which lets attackers test guesses at very high rates. Password hashes like bcrypt are deliberately slow and tunable to resist mass guessing.
What does the cost factor (work factor) in bcrypt control?
Cost factor: bcrypt's work factor sets the number of hashing rounds, which grows exponentially with the cost value. Raising it makes each hash slower for both defenders and attackers, letting you keep pace with faster hardware over time.
What advantage do Argon2 and scrypt have over bcrypt?
Memory-hardness: Argon2 and scrypt require large amounts of memory per hash, which is expensive to parallelize on GPUs/ASICs. Argon2 won the Password Hashing Competition and is a current recommended choice.