Security · Intermediate

Hashing

A one-way process that turns data into a fixed-length string — used to safely store passwords.

Detailed Explanation

Hashing transforms data into a fixed-length string (a "hash") using a mathematical function. Unlike encryption, hashing is one-way — you can't reverse a hash back to the original data. This makes it perfect for passwords.

When you create an account, the server hashes your password and stores the hash. When you log in, it hashes what you typed and compares the hashes. The server never stores your actual password. Common password-hashing algorithms include bcrypt, scrypt, and Argon2.

Supabase auth handles password hashing automatically — you never need to implement it yourself. Understanding hashing helps you know why password resets exist (the server can't retrieve your password, only replace the hash).

The most common hashing algorithm for passwords is bcrypt, which is intentionally slow to make brute-force attacks expensive and includes a unique salt for each password.
