Question 1

Which hash algorithm is best for passwords?

Accepted Answer

Bcrypt and argon2 are the best choices for password hashing. They are intentionally slow and include a salt to prevent rainbow table attacks. SHA-256 and SHA-512, while secure, are too fast for passwords.

Question 2

Is MD5 still safe to use?

Accepted Answer

No. MD5 is cryptographically broken and vulnerable to collision attacks. It should never be used for security purposes. It may be acceptable for non-security checksums where collision resistance isn't critical.

Question 3

What's the difference between SHA-1 and SHA-256?

Accepted Answer

SHA-256 produces a 256-bit hash and is considered secure, while SHA-1 produces a 160-bit hash and is vulnerable to collision attacks (SHAttered). All major browsers and certificate authorities deprecated SHA-1 in 2017.

Question 4

Why is faster worse for password hashing?

Accepted Answer

Fast hash functions like SHA-256 can be computed billions of times per second on modern GPUs, making brute-force attacks practical. Slow hashes like bcrypt have configurable work factors that make each attempt expensive for attackers.

Algorithm	Bit Length	Security	Best For
MD5	128	Broken — collision attacks practical	Non-security checksums only
SHA-1	160	Deprecated — SHAttered collision attack	Legacy compatibility only
SHA-256	256	Secure — industry standard	Digital signatures, integrity checks, certificates
SHA-512	512	Secure — stronger than SHA-256	High-security signatures, blockchain
bcrypt	192	Secure — slow, salted, adaptive	Password hashing (use cost factor 10+)
argon2	Variable	Secure — modern, memory-hard	Password hashing (best available)

Hash Algorithm Comparison

Algorithm Comparison Table

Choosing the Right Hash

Passwords → bcrypt or argon2

Integrity → SHA-256

Fast hashing → SHA-256/SHA-512

Legacy → MD5/SHA-1 (avoid)