Why not use SHA-256 for passwords?
SHA-256 is a fast hash, not a password hash. It is designed to be fast, which means brute-forcing a list of hashes is fast. Password hashes are slow on purpose (bcrypt, argon2). Never use raw SHA for passwords.
Verify This Answer
Cross-check this information using these trusted sources:
More FAQs in bcrypt vs Other Password Hashing Algorithms
argon2id for new projects with no constraints (modern, memory-hard, side-channel resistant). bcrypt with 10-12 rounds for existing projects or simple setup. PBKDF2 only if you need a standard built into Node. Avoid raw SHA hashes.
argon2 is memory-hard (requires lots of RAM), so ASICs are expensive to build. bcrypt is not memory-hard, so an attacker with ASICs can brute-force faster. argon2id is also side-channel resistant.
Yes, with 10-12 salt rounds. It is not the most modern option (argon2 is better), but it is battle-tested, easy to use, and safe for most apps. Use 12 rounds for high-security apps.
Still have questions?
Browse all our FAQs or reach out to our support team
