Security+ Academy · Lesson

Key Derivation Functions: PBKDF2, bcrypt, and Argon2

Compare password hashing algorithms by their resistance to GPU and ASIC attacks, and understand how work factors and memory hardness are tuned.

Why Password Hashing Is Different

Storing passwords safely requires a special class of cryptographic function, called a password hashing function (PHF) or password-based key derivation function (KDF). General-purpose hashes such as SHA-256 are designed to be fast: a modern GPU can compute billions of SHA-256 digests per second. For password storage that speed is catastrophic, because an attacker who steals the hash database can test billions of guesses per second offline, with no rate limit to stop them. A password KDF is instead deliberately expensive and tunable: a work factor (an iteration count for PBKDF2, a cost parameter for bcrypt, and time, memory and parallelism parameters for Argon2) fixes how much computation, and for memory-hard designs how much RAM, every single guess costs. The defender raises that cost until a legitimate login still completes in a fraction of a second on the server while a brute-force search over a large password space becomes computationally infeasible, and raises it again as hardware gets faster.

Salting: Defeating Rainbow Tables

Before salted password hashing was standard, attackers used rainbow tables: precomputed time-memory trade-off structures that map hash values back to the plaintext passwords that produced them, so that cracking a leaked unsalted hash became a lookup rather than a search. A salt is a random value, unique per user, that is combined with the password (prepended, appended, or supplied as a separate KDF input) before hashing, so that two users with the same password get different hashes and any precomputed table is useless. Salts are stored alongside the hash in the database; they are not secret, just unpredictable. A proper salt must be at least 16 bytes long, generated by a cryptographically secure random number generator, and unique per user (never reused across accounts or derived from the username). Note what a salt does not do: it does not make an individual guess any slower. Defeating precomputation is the salt's job; making each guess expensive is the work factor's job, and a password store needs both.
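The salting rules above and the work-factor point from the previous section, as an added example that is not the lesson's own code. It uses PBKDF2-HMAC-SHA256 from the Python standard library (bcrypt and Argon2 need third-party packages), stores a per-user 16-byte CSPRNG salt in the clear next to the hash, compares in constant time, and includes a calibration helper that picks an iteration count from measured throughput. The record format, the function names, and the 600,000-iteration default (OWASP's 2023 recommendation for PBKDF2-HMAC-SHA256) are this example's own choices, not something the lesson specifies.

```python
"""Salted PBKDF2-HMAC-SHA256 password storage with a tunable work factor.

Added example, not code from the Security+ Academy lesson. The record
format 'pbkdf2_sha256$<iterations>$<salt b64>$<hash b64>' is an assumption
made for this example, as are all function and constant names below.
"""
import base64
import hashlib
import hmac
import secrets
import time
from typing import NamedTuple

ALGORITHM = "pbkdf2_sha256"
SALT_BYTES = 16              # lesson rule: at least 16 bytes, CSPRNG-generated
DK_LEN = 32                  # derived key length in bytes
DEFAULT_ITERATIONS = 600_000  # assumed policy value (OWASP 2023 guidance)


class Record(NamedTuple):
    algorithm: str
    iterations: int
    salt: bytes
    digest: bytes


def parse_record(record: str) -> Record:
    """Split a stored record into its fields; reject anything malformed."""
    parts = record.split("$")
    if len(parts) != 4 or parts[0] != ALGORITHM:
        raise ValueError("unrecognised password record format")
    return Record(parts[0], int(parts[1]),
                  base64.b64decode(parts[2]), base64.b64decode(parts[3]))


def hash_password(password: str, iterations: int = DEFAULT_ITERATIONS) -> str:
    """Derive a fresh salted hash. A new salt is drawn on every call, so the
    same password never produces the same record twice."""
    salt = secrets.token_bytes(SALT_BYTES)        # unique per user, not secret
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                 salt, iterations, dklen=DK_LEN)
    return "$".join([ALGORITHM, str(iterations),
                     base64.b64encode(salt).decode(),
                     base64.b64encode(digest).decode()])


def verify_password(password: str, record: str) -> bool:
    """Recompute the KDF with the stored salt and work factor, then compare
    in constant time so timing does not leak how many bytes matched."""
    rec = parse_record(record)
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                    rec.salt, rec.iterations, dklen=len(rec.digest))
    return hmac.compare_digest(candidate, rec.digest)


def needs_rehash(record: str, iterations: int = DEFAULT_ITERATIONS) -> bool:
    """True when a stored record uses a lower work factor than current policy;
    the natural moment to upgrade it is right after a successful login."""
    return parse_record(record).iterations < iterations


def calibrate_iterations(target_seconds: float = 0.25,
                         probe_iterations: int = 50_000) -> int:
    """Measure this machine's PBKDF2 throughput and return an iteration count
    that makes one derivation take roughly target_seconds."""
    salt = secrets.token_bytes(SALT_BYTES)
    start = time.perf_counter()
    hashlib.pbkdf2_hmac("sha256", b"calibration", salt, probe_iterations, dklen=DK_LEN)
    elapsed = max(time.perf_counter() - start, 1e-9)
    return max(probe_iterations, int(probe_iterations * target_seconds / elapsed))


def cost_ratio(iterations: int = DEFAULT_ITERATIONS, samples: int = 1_000) -> float:
    """How many times more expensive one PBKDF2 guess is than one raw SHA-256
    on this machine: the work factor, not the hash primitive, slows attackers."""
    data, salt = b"password123", secrets.token_bytes(SALT_BYTES)
    start = time.perf_counter()
    for _ in range(samples):
        hashlib.sha256(salt + data).digest()
    per_sha = max((time.perf_counter() - start) / samples, 1e-12)
    start = time.perf_counter()
    hashlib.pbkdf2_hmac("sha256", data, salt, iterations, dklen=DK_LEN)
    return (time.perf_counter() - start) / per_sha


if __name__ == "__main__":
    alice = hash_password("correct horse battery staple")
    bob = hash_password("correct horse battery staple")
    print("same password, different records:", alice != bob)
    print("verify good:", verify_password("correct horse battery staple", alice))
    print("verify bad: ", verify_password("correct horse battery stable", alice))
    print("iterations for ~250 ms here:", calibrate_iterations())
    print("one PBKDF2 guess costs about %.0fx one SHA-256" % cost_ratio())
```

Two design choices worth noting: the record is self-describing, so the iteration count can be raised later and old rows upgraded on next login via `needs_rehash`, and `hmac.compare_digest` is used even though the digest is not itself a secret, because constant-time comparison is a habit that costs nothing and avoids arguing about edge cases.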
