bcrypt vs SHA-256 for Storing Passwords

If you're hashing passwords with SHA-256, you're using the wrong tool. SHA-256 is a general-purpose hash — fast by design. Fast is exactly the wrong property for password storage.

Why speed is a liability for passwords

An attacker who steals your password database will run an offline brute-force attack: hash candidate passwords as fast as the hardware allows and compare each result against the stolen hashes. A modern GPU can compute over 10 billion SHA-256 hashes per second.

bcrypt, designed specifically for passwords, limits that same attacker to roughly 1,000–100,000 hashes per second on equivalent hardware, depending on the cost parameter. That's up to 10 million times slower (10 billion ÷ 1,000), which is what makes offline brute force impractical.

What bcrypt does differently

bcrypt has three properties that SHA-256 lacks for password use:

Built-in salt. Each bcrypt hash includes a unique random salt, so two identical passwords produce different hashes. SHA-256 has no salt — you have to add one yourself, and many implementations skip it.

Work factor (cost). bcrypt accepts a cost parameter (typically 10–14). Each increment doubles the number of rounds and therefore the time to hash. You can raise it as hardware gets faster; because the cost is stored inside each hash, existing hashes keep verifying, and you rehash each one at the user's next successful login.

Fixed-length output. bcrypt always produces a 60-character string, making storage predictable. The input is bounded too: only the first 72 bytes of the password are used, so longer passwords are truncated (some libraries reject them instead).

$2b$12$LQv3c1yqBWVHxkd0LHAkCOYz6TtxMQJqhN8/LewdBPj/VQ.3dXGLu
 ^^ ^^ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
 |  |  |                     |
 |  |  |                     31-char hash (184 bits)
 |  |  22-char salt (128 bits)
 |  cost = 12 (2^12 rounds of key setup)
 version
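Because the cost is stored in the string, a stored hash can be checked against policy without knowing the password. The following Python helper is an added example, not code from the original page: it parses a bcrypt string into the fields labelled above and flags hashes whose cost has dropped below a minimum so they can be rehashed at the user's next login. The function and class names are my own; it needs only the standard library, and the sample inputs are constructed (the first is the hash from the diagram).

```python
import re
from dataclasses import dataclass

# bcrypt's own base64 alphabet ("./A-Za-z0-9"), not the RFC 4648 one.
_BCRYPT_RE = re.compile(
    r"^\$(?P<version>2[abxy]?)\$(?P<cost>\d{2})\$"
    r"(?P<salt>[./A-Za-z0-9]{22})(?P<digest>[./A-Za-z0-9]{31})$"
)

@dataclass(frozen=True)
class BcryptFields:
    version: str   # "2a", "2b", "2y", ...
    cost: int      # work factor; key setup runs 2**cost times
    salt: str      # 22 chars carrying the 128-bit random salt
    digest: str    # 31 chars carrying the 184-bit hash

def parse_bcrypt(stored: str) -> BcryptFields:
    """Split a stored bcrypt string into its fields; reject anything malformed."""
    if len(stored) != 60:
        raise ValueError(f"bcrypt strings are exactly 60 chars, got {len(stored)}")
    m = _BCRYPT_RE.match(stored)
    if m is None:
        raise ValueError("not a bcrypt string (bad prefix, cost or alphabet)")
    cost = int(m["cost"])
    if not 4 <= cost <= 31:
        raise ValueError(f"cost {cost} is outside bcrypt's range 4..31")
    return BcryptFields(m["version"], cost, m["salt"], m["digest"])

def needs_rehash(stored: str, min_cost: int) -> bool:
    """True when the stored hash is below policy: cost too low, or a pre-$2b$ variant.

    Check this right after a successful compare()/checkpw(): the plaintext is in
    hand at that moment, so it can be rehashed at min_cost and the row updated.
    """
    f = parse_bcrypt(stored)
    return f.cost < min_cost or f.version not in ("2b", "2y")

# Constructed inputs: the hash from the diagram above, and a made-up low-cost $2a$ one.
EXAMPLE_HASH = "$2b$12$LQv3c1yqBWVHxkd0LHAkCOYz6TtxMQJqhN8/LewdBPj/VQ.3dXGLu"
LEGACY_HASH = "$2a$10$" + "abcdefghijklmnopqrstuv" + "ABCDEFGHIJKLMNOPQRSTUVWXYZ01234"

if __name__ == "__main__":
    for h in (EXAMPLE_HASH, LEGACY_HASH):
        print(parse_bcrypt(h), "needs rehash at cost 12:", needs_rehash(h, 12))
```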

bcrypt in code

// Node.js — bcryptjs (run inside an async function, or an ES module with top-level await)
const bcrypt = require("bcryptjs");

// password / attempt: the strings submitted at signup / login
const hash = await bcrypt.hash(password, 12);       // cost 12; salt is generated for you; store this
const ok   = await bcrypt.compare(attempt, hash);   // true only if attempt matches the stored hash

# Python — bcrypt
import bcrypt

# password / attempt: the strings submitted at signup / login
hashed = bcrypt.hashpw(password.encode(), bcrypt.gensalt(rounds=12))  # cost 12; returns bytes; store this
ok = bcrypt.checkpw(attempt.encode(), hashed)                          # True only if attempt matches

When SHA-256 is the right choice

SHA-256 is correct for:

  • Verifying file integrity (checksums)
  • HMAC signatures
  • Content-addressable storage
  • Any deterministic fingerprint of non-secret data

Never use it directly for passwords — not even with a custom salt. Use bcrypt, scrypt, or Argon2.

Generate hashes with the tool

You can generate SHA-256 (and other) hashes with the hash generator — useful for checksums and HMAC verification. For passwords, use bcrypt in your application code rather than a browser tool.

For more on why fast hashes fail at password security, see why not MD5 for passwords. For how salts prevent rainbow table attacks, see what is a salt in hashing.
