Why Use bcrypt for Password Hashing Instead of MD5, SHA1, SHA256, etc.
The article explains that general‑purpose hash functions like MD5 and SHA families are fast and vulnerable to brute‑force attacks, while bcrypt’s deliberately slow, work‑factor‑adjustable design makes it a far more secure choice for storing passwords.
Using bcrypt
General‑purpose hash algorithms such as MD5, SHA1, SHA256, SHA512, and SHA‑3 were designed to digest large amounts of data quickly, which makes them excellent for integrity checking and terrible for password storage.
A modern server can run MD5 over roughly 330 MB of input per second; at that rate the entire space of six‑character alphanumeric passwords can be searched in about 40 seconds, with no special hardware.
Specialised hardware raises the rate further: a CUDA‑capable GPU cluster can test about 700 million candidate passwords per second, and even an attacker running at only 10 % of that raw speed still cracks short passwords quickly.
Salting does not save you
Adding salt (whether coarse, abundant, or even “organic Himalayan pink salt”) does not mitigate dictionary or brute‑force attacks when the underlying hash function is designed for speed: salt forces the attacker to crack each password separately, but the per‑password cracking rate is unaffected.
As long as a fast, general‑purpose hash is used, the presence of salt does not protect against rapid cracking.
bcrypt solves these problems
bcrypt is built on the Blowfish cipher and takes a configurable work factor that deliberately slows the hashing process; each increment of the work factor doubles the time a hash takes, so the cost can be raised as hardware improves, keeping pace with Moore’s law.
For example, with a work factor of 12, hashing the password “yaaa” on a typical laptop takes about 0.3 seconds, whereas MD5 processes the same input in less than one microsecond.
bcrypt therefore lets you choose the balance between login latency and resistance to cracking according to your application’s needs.
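To make the comparison above concrete, here is an added example (not code from the original article) that turns its quoted rates into attacker time estimates, shows how the work factor scales cost, reads the cost back out of a stored hash so old hashes can be upgraded at login, and hashes and verifies with the PyPI `bcrypt` package. The package, the 0.25 s calibration target and the sample hash string are assumptions; the 700 million/s and 0.3 s figures come from the article.

```python
"""Added example (not from the article): attacker time estimates from the
article's throughput figures, plus bcrypt hashing, verification and cost
upgrades.

Assumptions: the PyPI package `bcrypt` is installed for hash_password /
verify_password / calibrate_cost; the estimates and hash-format helpers
use only the standard library.
"""
import re
import time

try:
    import bcrypt  # assumption: `pip install bcrypt`
except ImportError:  # estimates and format checks still work without it
    bcrypt = None

# Rates quoted in the article.
GPU_MD5_RATE = 700_000_000      # candidate hashes/second on a CUDA GPU cluster
BCRYPT_COST12_SECONDS = 0.3     # seconds per bcrypt hash at work factor 12 (laptop)
ALNUM = 62                      # a-z, A-Z, 0-9
SECONDS_PER_YEAR = 365.25 * 24 * 3600

# Constructed, syntactically valid bcrypt string (not a real hash of anything).
SAMPLE_HASH = "$2b$12$abcdefghijklmnopqrstuvABCDEFGHIJKLMNOPQRSTUVWXYZ01234"


def bcrypt_available() -> bool:
    """True when the bcrypt package could be imported."""
    return bcrypt is not None


def keyspace(charset_size: int, length: int) -> int:
    """Number of candidate passwords of exactly `length` characters."""
    return charset_size ** length


def seconds_to_exhaust(charset_size: int, length: int, hashes_per_second: float) -> float:
    """Worst-case time for an attacker to try every candidate at a given rate."""
    return keyspace(charset_size, length) / hashes_per_second


def bcrypt_seconds_per_hash(cost: int, ref_cost: int = 12,
                            ref_seconds: float = BCRYPT_COST12_SECONDS) -> float:
    """bcrypt runs 2**cost key-schedule rounds, so each +1 on the work factor
    doubles the time per hash; scale from a measured reference point."""
    return ref_seconds * 2.0 ** (cost - ref_cost)


# Modular-crypt layout of a bcrypt string: $2b$<cost>$<22-char salt><31-char hash>.
BCRYPT_RE = re.compile(r"^\$2[abxy]\$(\d{2})\$[./A-Za-z0-9]{53}$")


def cost_of_hash(stored: str) -> int:
    """Read the work factor back out of a stored hash."""
    m = BCRYPT_RE.match(stored)
    if m is None:
        raise ValueError("not a bcrypt hash string")
    return int(m.group(1))


def needs_rehash(stored: str, target_cost: int) -> bool:
    """True when a stored hash used a lower cost than policy now requires.
    Check this at login, while the plaintext is available, and rehash if so."""
    return cost_of_hash(stored) < target_cost


def hash_password(password: str, cost: int = 12) -> str:
    """Salted bcrypt hash; salt and cost are embedded in the returned string.
    bcrypt uses only the first 72 bytes of the password."""
    if bcrypt is None:
        raise RuntimeError("the bcrypt package is required for hashing")
    return bcrypt.hashpw(password.encode("utf-8"),
                         bcrypt.gensalt(rounds=cost)).decode("ascii")


def verify_password(password: str, stored: str) -> bool:
    """Constant-time check of a candidate password against a stored hash."""
    if bcrypt is None:
        raise RuntimeError("the bcrypt package is required for verification")
    return bcrypt.checkpw(password.encode("utf-8"), stored.encode("ascii"))


def calibrate_cost(target_seconds: float = 0.25, start: int = 10, max_cost: int = 16) -> int:
    """Highest work factor whose hash time stays under `target_seconds` here."""
    chosen = start
    for cost in range(start, max_cost + 1):
        t0 = time.perf_counter()
        hash_password("calibration-only", cost)
        if time.perf_counter() - t0 > target_seconds:
            break
        chosen = cost
    return chosen


if __name__ == "__main__":
    # Six-character alphanumeric space against the two rates from the article.
    print(f"MD5 on GPU cluster : {seconds_to_exhaust(ALNUM, 6, GPU_MD5_RATE):.0f} s")
    bcrypt_rate = 1 / bcrypt_seconds_per_hash(12)
    years = seconds_to_exhaust(ALNUM, 6, bcrypt_rate) / SECONDS_PER_YEAR
    print(f"bcrypt cost 12     : {years:.0f} years")
    print("sample hash cost   :", cost_of_hash(SAMPLE_HASH))
    if bcrypt_available():
        stored = hash_password("correct horse battery staple")
        print("verify             :", verify_password("correct horse battery staple", stored))
        print("needs rehash at 13 :", needs_rehash(stored, 13))
        print("calibrated cost    :", calibrate_cost())
```

Run it as a script to see the two time estimates side by side; the bcrypt-dependent lines are skipped when the package is absent. `calibrate_cost` is how you pick the work factor for a given deployment: raise it until a single hash approaches the latency you can tolerate at login, and re-run it when you move to faster hardware.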
In short
Use bcrypt.
Architect
Professional architect sharing high‑quality architecture insights. Topics include high‑availability, high‑performance, high‑stability architectures, big data, machine learning, Java, system and distributed architecture, AI, and practical large‑scale architecture case studies. Open to ideas‑driven architects who enjoy sharing and learning.