Module 12 · Hashing — Passwords & Integrity

Manish Garg
Manish Garg Associate of (ISC)² · RingSafe
Apr 27, 2026
1 min read
Read as

Last updated: April 29, 2026

100% Free

No signup. No paywall. No catch. One of our 10 most-requested practitioner modules — published in full so anyone can learn for free. We earn through consulting, not by gating knowledge.

See all 10 free modules →

“How do we hash passwords?” is the most-asked question. The answer evolved.

“How do we hash passwords?” is the most-asked question. The answer evolved.

2026 password-hashing recommendations

  • Argon2id — first choice; OWASP recommended
  • bcrypt — second choice; widely supported
  • scrypt — third; less library support
  • PBKDF2 — only when FIPS 140 compliance forced
  • NEVER — MD5, SHA-1, SHA-256/512 alone, plain hashing without salt
Want this for your team?

Custom team training + practitioner advisory

Beyond the free academy — we run private workshops, vCISO advisory, and red-team exercises tailored to your stack. For Indian SMBs scaling past their first hire.

Book team training call Replies in 4 working hrs · India-only · Senior consultants
← Previous · Module 11
Module 11 · Secret Management Platforms
← Back to Academy Hub
Continue Learning

Other modules in this track

View all modules
Academy
Module 1 · Beginner

Symmetric, asymmetric, hashing, MACs, password hashing, RNG, libsodium, post-quantum status, the cardinal rule.

Apr 22, 2026 · 5 min read
Academy
Module 2 · Intermediate

TLS 1.2/1.3, cipher suites, handshake, certificate validation, HSTS, CT, common misconfigurations, testing with testssl.sh.

Apr 22, 2026 · 4 min read
Academy
Module 3 · Intermediate

CAs, cert types, ACME, lifecycle, revocation, internal PKI, service mesh PKI, code signing, lifetime trends.

Apr 22, 2026 · 5 min read