Proton

What is password hashing and salting?

If you’re comparing different password managers or researching password security, you’ll quickly run into terms like hashing and salting. While these terms might sound like steps you take to make breakfast potatoes, they’re actually processes that are essential to securing any online account. 

This article explains what password hashing and salting mean, how they work, and why they’re necessary.

Password hashing

Password salting

How we secure passwords at Proton

Password hashing

Hashing is a way to scramble information into a fixed-length string of letters and numbers. You  can take unencrypted information, be it a password, image, or entire book, and feed it into a hash function, which turns that information into a hash value with a specific number of characters. For example, SHA-256, one of the most common hash functions, always creates 256-bit (32-byte) hash values.

Create your own hash values(new window)

Besides creating a fixed-length product, there are two other things that distinguish hashing from standard encryption. Hashing is:

  • Irreversible — You cannot “unhash” (or regenerate the original information) a hash value no matter what you do. 
  • Deterministic — If you enter the same input information into a hash function, it will return the same hash value every time. 
  • Unpredictable — It should be almost impossible to guess its resulting hash value for any given input information. In fact, if you can take a hash value and easily guess or create the input that would generate that hash value, then that hash function should be considered vulnerable and avoided.

These three characteristics make hashing a good way to securely store and verify passwords. 

Hashing, password storage, and password authentication

When you create a new online account, you invariably provide a username (usually your email address) and create a password. This lets the service know who you are and verify that it’s actually you.

But the password creates a tricky problem for service providers. They essentially have three options. They can store your password in plaintext, encrypted, or hashed. 

It doesn’t take a cybersecurity expert to see the problems with storing passwords in plaintext. This would let the service access your account whenever it wants, and your password would be exposed if there was ever a breach. 

Encryption also doesn’t work. If a service encrypts a password using keys it controls, it can still access your password whenever (and potentially expose it in a breach). And it can’t encrypt your password using a key it doesn’t control (a key that’s on your device, for example) because that doesn’t allow it to verify that your password is correct when you log in. 

Hashing is a good compromise. Because hashing is irreversible, services can store your password and assure its users that it can’t access their accounts and that their passwords will be safe in a breach. 

And because hashing is deterministic, a service can verify a password by comparing the two hash values. If the hash values match, the service knows the input information (the passwords) match, even if the service doesn’t know what the actual password is.  

It’s a clever system, but hashing has an issue with predictability. If you assume that one of the most common passwords for any service will be “password”. With this information, you can probably find the accounts that use “password” simply by looking at the most repeated hash values.

In fact, there is a cyberattack devoted to cracking hashes using so-called rainbow tables, which compile hashes and try to make sense of the rules governing them in large tables. They’re effective exactly because hashes are predictable.

Password salting

To minimize a hash function’s predictability, programmers use salting. Salting is a technique that takes the predictable hash function and adds some extra “flavor” — hence the term “salt” — in the form of unpredictability. A salt is a short set of random characters added to each password before it’s hashed. 

What makes a salt special is that each one is unique to each user. If you create a password with a service, it’s assigned a salt that nobody else has. If you change your password, some services will use a new salt to go with it. This essentially ensures that no password (and therefore, no hash value) is ever repeated as long as a new, random salt value is used for each new password. 

This makes the task of any would-be attacker a lot harder. Their rainbow tables are useless since salting makes the hash values unpredictable. All that remains is to make sure that your password is random enough to deter any dictionary attacks.

How we secure passwords at Proton

At Proton, we put our users’ privacy and security first. We never send your password to our servers, relying instead on the Secure Remote Password (SRP) protocol. SRP allows a user to authenticate themselves to a server (and vice versa) by proving that they know the password without sharing the password itself or any information that an attacker could use to derive the password (like a hash sum, for example). Your password remains secure on your device. 

Learn more about how Proton uses SRP

We do use hashing and salting, but for your account keys. Once you successfully log in, Proton sends your account keys to your client. Your client then salts and hashes your password using bcrypt and uses the resulting hash value as the key to decrypt your account key. Once your account key is decrypted, it can then be used to access your emails, calendars, etc. This process happens locally on your device so your password and hash never leaves it.

You can extend this level of protection to your other accounts as well with Proton Pass, our end-to-end encrypted password manager.

As you can read in our full breakdown of the Proton Pass security model, we end-to-end encrypt your passwords individually as well as the vaults where you store them, preventing anyone, including us, from being able to see your items at any point in the transfer process. 

We can offer this kind of enhanced security because we’re funded entirely by you, our users. Without shareholders or venture capital investors to worry about, we can focus on developing tools that offer the very best in security and usability without cutting costs or corners.
The result is a service that puts you first, whether it’s having the best encryption technology or offering a best-in-class interface. If that sounds like something you would like to try for yourself, join Proton Pass today.

Related articles

laptop showing Bitcoin price climbing
en
  • Privacy guides
Learn what a Bitcoin wallet does and the strengths and weaknesses of custodial, self-custodial, hardware, and paper wallets.
pixel tracking: here's how to tell which emails track your activity
en
Discover what pixel tracking is and how it works, how to spot emails that track you, and how to block these hidden trackers.
A cover image for a blog describing the next six months of Proton Pass development which shows a laptop screen with a Gantt chart
en
Take a look at the upcoming features and improvements coming to Proton Pass over the next several months.
The Danish mermaid and the Dutch parliament building behind a politician and an unlocked phone
en
We searched the dark web for Danish, Dutch, and Luxembourgish politicians’ official email addresses. In Denmark, over 40% had been exposed.
Infostealers: What they are, how they work, and how to protect yourself
en
Discover insights about what infostealers are, where your stolen information goes, and ways to protect yourself.
Mockup of the Proton Pass app and text that reads "Pass Lifetime: Pay once, access forever"
en
Learn more about our exclusive Pass + SimpleLogin Lifetime offer. Pay once and enjoy premium password manager features for life.