Home / Guides / Hash Function Basics — One-Way, Collisions, and Salt

A hash function converts data of any length into a fixed-length value (a hash, or digest). The same input always yields the same hash, but changing the input by even a single bit produces a completely different hash.

The key property of a good cryptographic hash is that it is one-way. It is practically impossible to recover the original input from the hash value alone. That's why storing passwords as hashes instead of plaintext means that even if the data leaks, the originals can't be read directly.

A collision is when two different inputs produce the same hash. They exist in theory, but for a secure hash it must be computationally infeasible to create one deliberately. MD5 and SHA-1 were retired precisely because creating collisions became possible.

For password storage, a hash alone isn't enough. Since the same password yields the same hash, you add a random salt per input before hashing, and use a slow hash like bcrypt or Argon2 to slow down mass guessing attacks.

Hash with this algorithm