
Hashing

A one-way process that turns data into a fixed-length string — used to safely store passwords.

Detailed Explanation

Hashing transforms data into a fixed-length string (a "hash") using a mathematical function. Unlike encryption, hashing is one-way — you can't reverse a hash back to the original data. This makes it perfect for passwords.

When you create an account, the server hashes your password and stores only the hash. When you log in, it hashes what you typed and compares the result with the stored hash. The server never stores your actual password. Common password-hashing algorithms include bcrypt, scrypt, and Argon2.

Supabase auth handles password hashing automatically — you never need to implement it yourself. Understanding hashing helps you know why password resets exist (the server can't retrieve your password, only replace the hash).

The most common hashing algorithm for passwords is bcrypt. It is intentionally slow, which makes brute-force guessing expensive, and it includes a unique salt for each password, so two accounts with the same password end up with different hashes.
