How Does Password Storage Tier List: encryption, hashing, salting, bcrypt Work?

A password storage tier list shows how different methods protect your passwords, from simple tricks to super strong ones.

Imagine you have a secret message (your password) that needs to be kept safe in a box (the server). How you store it depends on what kind of lock and key you use.

Encryption: The Simple Lock

With encryption, it's like putting your password in a box with a simple lock. You use a key (a secret number) to lock the box, and the same key opens it again. If someone steals the box and gets hold of that key, they can read your password exactly as you typed it. It's quick and easy, but because the original password can always be recovered, it is not the most secure way to store one.

Hashing: The Magic Soup

Now imagine your password goes into a magic soup (called hashing) that changes it completely. The same password always produces the same soup, but the soup looks nothing like what went in, and even a tiny change to the password gives a completely different result. If someone steals the soup, they can't run it backwards to find your original message, just like how you can't tell what went into a blender just by looking at the mix.

Salting: The Secret Ingredient

If two people use the same password, the magic soup gives them the same result, so anyone who steals the soup can see who shares a password. That's where salting comes in: a random extra ingredient (a salt) is added to each person's password before mixing, and the salt is kept next to the result so the recipe can be repeated at login. Now even identical passwords produce different results.

Bcrypt: The Super Strong Lock

Finally, bcrypt is like a super strong lock that is deliberately slow to open, and whose difficulty (its cost factor) can be turned up over the years as computers get faster, so guessing passwords one at a time stays expensive. It's the best choice for keeping your password really safe, especially if you're using it on a website or app.
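The three ideas above (a plain hash, a salted hash, and a slow hash with a cost factor) shown side by side, as an added example that is not part of the original page. bcrypt itself is not in Python's standard library, so the slow, salted hash here uses PBKDF2-HMAC-SHA256 from `hashlib` as a stand-in, with its iteration count playing the role of bcrypt's cost factor; the two sample passwords are constructed for the demo.

```python
import hashlib
import hmac
import os

# Constructed sample data: two users who happen to pick the same password.
ALICE_PW = "correct horse battery staple"
BOB_PW = "correct horse battery staple"


def plain_hash(password: str) -> str:
    """Unsalted hash: the 'magic soup' alone. Identical passwords give identical output."""
    return hashlib.sha256(password.encode()).hexdigest()


def slow_salted_hash(password: str, salt: bytes, cost: int) -> bytes:
    """Salted and deliberately slow. PBKDF2 stands in for bcrypt here; `cost` is the
    number of rounds, the knob that is raised over time as hardware gets faster."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, cost)


def store_password(password: str, cost: int = 2**14) -> dict:
    """What the server keeps: a random salt, the cost used, and the resulting hash.
    The salt is not secret; its only job is to make identical passwords hash differently."""
    salt = os.urandom(16)
    return {"salt": salt, "cost": cost, "hash": slow_salted_hash(password, salt, cost)}


def verify_password(candidate: str, record: dict) -> bool:
    """Re-run the same recipe with the stored salt and cost, then compare in constant time."""
    recomputed = slow_salted_hash(candidate, record["salt"], record["cost"])
    return hmac.compare_digest(recomputed, record["hash"])


def demo() -> dict:
    """Returns the observations the page's metaphors describe."""
    alice = store_password(ALICE_PW)
    bob = store_password(BOB_PW)
    return {
        "plain_hashes_equal": plain_hash(ALICE_PW) == plain_hash(BOB_PW),   # True: no salt
        "salted_hashes_equal": alice["hash"] == bob["hash"],                # False: salted
        "alice_login_ok": verify_password(ALICE_PW, alice),                 # True
        "wrong_password_rejected": not verify_password("wrong guess", alice),  # True
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```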


Examples

  1. A user types a password, and the system stores it as a unique string that can't be easily reversed.
  2. Like turning a cake into crumbs, you know it was a cake, but you can’t make it whole again.
  3. Salting is like adding sugar to the cake before turning it into crumbs.
