Updated on June 6, 2024.
Hashing has a wide range of applications in cybersecurity. However, its primary use is to “scramble” data so that outside parties can’t understand it if they intercept it. But what exactly is hashing, and why should you care about it?
Hashing is the process of mapping data to a predetermined length using an algorithm. The output is known as a hash value (or a hash code, hash sum or hash digest). If you think hashing sounds a lot like encryption, you’re right. The approaches are similar, but the intended outcomes are not.
Continue reading to learn more about hashing and how it works to protect your data.
Hashing vs salting vs encryption: What’s the difference?
Now that you know what hashing is, it’s important to understand the difference between hashing, salting and encryption. Salting is a process wherein the server adds a random and unique string of characters to a password before hashing it. This ensures that every password hash is unique, even if every user in a system has the same plaintext password.
Here’s a visual of how salting works:
User 1 plaintext password: trustno1
MD5 hash (no salt): 5fcfd41e547a12215b173ff47fdd3739
User 1 “salt”: lAt3i
MD5 hash (salt + trustno1): e49a19f5b3b1743ec9d8c13662a21892
User 2 plaintext password: trustno1
MD5 hash (no salt): 5fcfd41e547a12215b173ff47fdd3739
User 2 “salt”: wS>Zd
MD5 hash (salt + trustno1): 0caf49e6119c7629dbdf6776864de9b6
As you can see, even though both users have the same password, the salt ensures that they have completely different hashes, which makes it nearly impossible for cybercriminals to reverse-engineer the hash. For this reason, salting is a best practice when hashing passwords.
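The comparison above can be reproduced in code. This is an added example, not code from the original article: the account names and the 16-byte random salt length are assumptions, and MD5 is used only to mirror the illustration.

```python
import hashlib
import hmac
import secrets
from collections import defaultdict

def md5_hex(data: bytes) -> str:
    # MD5 only mirrors the page's illustration; it is not a password-storage choice.
    return hashlib.md5(data).hexdigest()

def store_unsalted(password: str) -> dict:
    return {"salt": b"", "hash": md5_hex(password.encode())}

def store_salted(password: str) -> dict:
    # A fresh random salt per user, stored next to the hash (it is not a secret).
    salt = secrets.token_bytes(16)
    return {"salt": salt, "hash": md5_hex(salt + password.encode())}

def verify(record: dict, attempt: str) -> bool:
    # Recompute with the stored salt and compare in constant time.
    candidate = md5_hex(record["salt"] + attempt.encode())
    return hmac.compare_digest(candidate, record["hash"])

def shared_password_groups(table: dict) -> list:
    # Audit check: identical stored hashes reveal users with identical passwords.
    groups = defaultdict(list)
    for user, record in table.items():
        groups[record["hash"]].append(user)
    return sorted(sorted(users) for users in groups.values() if len(users) > 1)

# Constructed sample accounts: two users pick the same password, one does not.
PASSWORDS = {"user1": "trustno1", "user2": "trustno1", "user3": "Trustno1"}
UNSALTED = {u: store_unsalted(p) for u, p in PASSWORDS.items()}
SALTED = {u: store_salted(p) for u, p in PASSWORDS.items()}

if __name__ == "__main__":
    print("unsalted groups:", shared_password_groups(UNSALTED))
    print("salted groups:  ", shared_password_groups(SALTED))
    print("user1 login ok: ", verify(SALTED["user1"], "trustno1"))
```

Running the audit over an existing credential table is a quick way to confirm whether stored hashes are salted per user.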
Encryption is a similar process to hashing, but the intended output is different. Encrypted data is intended to be decrypted at some point, which is why keys are used. In contrast, hashed data is never intended to be reversed into a readable format.
How hashing works
Here is a step-by-step overview of how hashing works.
- Inputting data: The first step is choosing the data you want to hash. This could be a password, file, message, photo or other important piece of data.
- Choosing a hashing algorithm: There are numerous hashing algorithms you can choose from, such as MD5, SHA-256 or SHA-512. Factors to consider when choosing an algorithm are its security and performance level.
- Calculating the hash: Once you choose the algorithm, it will process the inputted data through its series of functions and create a unique hash value.
- Receiving the output: The hash value is received and can be stored in a database like a password storage system.
What is a hashing algorithm?
A hashing algorithm disguises text by running it through a filter that turns it into a hash value, meaning an unintelligible string of random-looking letters and numbers, with all strings usually being the same length.
Password hashing enhances security by ensuring that a server never stores passwords in plaintext; only the end user knows the plaintext value of the password.
Here is a visual example of how an MD5 hash algorithm works:
Plaintext password: trustno1
MD5 hash: 5fcfd41e547a12215b173ff47fdd3739
Even changing the password a tiny bit will completely change the hash. Look what happens just by capitalizing the first letter of the password:
Plaintext password: Trustno1
MD5 hash: 44ec94bbfc520c644ce2748eb3bdef6d
The benefits of hashing
Here are some of the benefits of hashing.
Data integrity
Hashing is a common method used to measure data integrity. By comparing the original hash value to the received or stored hash value, you can check if any alterations have been made during transmission. Even a minor change in the data will result in a completely different hashing value. This is also helpful to identify if any data has been compromised.
Fast data retrieval
Because of hashing, processing and retrieving data has become less time-consuming. This is done through a hash table, which is a data structure that uses hash values to map keys to stored data. Each piece of data is uniquely associated with a key, and the hash function converts the key into a hash code. This code determines the index at which the data is stored in the hash table, ensuring efficient and quick access to the data.
Reduced storage space
Another benefit of hashing is that it saves storage space since it helps identify data deduplication opportunities. Data deduplication is the process of deleting duplicate data to optimize storage utilization. By comparing different hash values, systems can determine which assets are identical and delete the duplicates to free up storage.
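The integrity check and the deduplication described above both rest on comparing digests, so one small content-addressed store can show both. This is an added example, not code from the original article: the `ContentStore` class, its method names and the sample data are hypothetical, and SHA-256 is an assumed choice of algorithm.

```python
import hashlib
import hmac

class IntegrityError(Exception):
    """Raised when stored data no longer matches the digest recorded for it."""

class ContentStore:
    def __init__(self):
        self.blobs = {}          # digest -> bytes (each unique content stored once)
        self.names = {}          # name -> digest recorded at write time
        self.logical_bytes = 0   # total bytes callers asked us to store

    def put(self, name: str, data: bytes) -> str:
        digest = hashlib.sha256(data).hexdigest()
        self.logical_bytes += len(data)
        if digest not in self.blobs:   # deduplication: identical content, same digest
            self.blobs[digest] = data
        self.names[name] = digest
        return digest

    def get(self, name: str) -> bytes:
        expected = self.names[name]
        data = self.blobs[expected]
        # Integrity check: recompute and compare with the digest recorded at write time.
        actual = hashlib.sha256(data).hexdigest()
        if not hmac.compare_digest(actual, expected):
            raise IntegrityError(f"{name}: digest mismatch, data was altered")
        return data

    def bytes_saved(self) -> int:
        return self.logical_bytes - sum(len(b) for b in self.blobs.values())

if __name__ == "__main__":
    store = ContentStore()
    d = store.put("report.txt", b"quarterly report")       # constructed sample data
    store.put("report-copy.txt", b"quarterly report")      # duplicate content
    print("unique blobs:", len(store.blobs), "bytes saved:", store.bytes_saved())
    store.blobs[d] = b"quarterly rep0rt"                   # simulate silent corruption
    try:
        store.get("report.txt")
    except IntegrityError as exc:
        print("detected:", exc)
```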
Password protection
Hashing is a critical component of password protection tools like password managers. When using these tools, a user’s password is converted into an irreversible hash value, which is stored in the database instead of the plaintext password. So, in the event that a hashed value is compromised, cybercriminals will have a difficult time retrieving the original password.
Limitation of hashing
One major limitation of hashing is the risk of a hash collision. A hash collision occurs when two strings of text produce the same hash code. For example, if the passwords “trustno1” and “Trustno1” produce the same hash value, this would be a hashing collision. If such a collision occurs, cybercriminals can trick the computer into giving them access by logging in with a password that is similar to the original password to produce the same hash.
It’s important to note that the MD5 hash algorithm mentioned in our examples above has a known high probability of hash collision, and it is therefore no longer used other than for non-cryptographic purposes.
How Keeper® uses hashing and salting
When you use Keeper to securely store your passwords, a 256-bit authentication key is derived from your master password using PBKDF2-HMAC-SHA256 and a random salt. From here, an authentication hash is generated by using SHA-256 to hash the authentication key. For users to log in, the authentication hash is compared to an authentication hash stored in the cloud security vault.
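The derivation described above can be sketched with Python's standard library. This is an added example and not Keeper's code: the iteration count, the 16-byte salt length, the record layout and the function names are assumptions, since the page does not specify them.

```python
import hashlib
import hmac
import secrets

# Assumption: the page gives no iteration count; this value is illustrative.
ITERATIONS = 600_000

def derive_auth_key(master_password: str, salt: bytes, iterations: int) -> bytes:
    # PBKDF2-HMAC-SHA256 producing a 256-bit (32-byte) authentication key.
    return hashlib.pbkdf2_hmac("sha256", master_password.encode("utf-8"),
                               salt, iterations, dklen=32)

def authentication_hash(auth_key: bytes) -> bytes:
    # The value that is stored and compared is SHA-256(auth key), not the key itself.
    return hashlib.sha256(auth_key).digest()

def enroll(master_password: str, iterations: int = ITERATIONS) -> dict:
    salt = secrets.token_bytes(16)  # random per-user salt, stored with the record
    key = derive_auth_key(master_password, salt, iterations)
    return {"salt": salt, "iterations": iterations,
            "auth_hash": authentication_hash(key)}

def login(record: dict, attempt: str) -> bool:
    # Re-derive from the attempt with the stored salt, then compare in constant time.
    key = derive_auth_key(attempt, record["salt"], record["iterations"])
    return hmac.compare_digest(authentication_hash(key), record["auth_hash"])

if __name__ == "__main__":
    record = enroll("correct horse battery staple")  # constructed sample password
    print("right password:", login(record, "correct horse battery staple"))
    print("wrong password:", login(record, "trustno1"))
```

The iteration count is the tunable cost: each guess against a leaked authentication hash requires the full PBKDF2 run, which is what a single fast hash such as MD5 lacks.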
Ready to hash and store your passwords with Keeper? Start a free personal or business trial of Keeper Password Manager today.