Understanding Hashing, Salt, and Rainbow Tables

omar0425

Posted on January 14, 2023

How can you store your password safely in a database? To understand this, we must look under the hood of encryption, hash functions, and salt. Imagine you create an app and have to safely store login information, including passwords. You can do this in three ways: plain text, encryption, or hash functions.

Plain Text
As the name suggests, the password is stored in plain text. Plain text is an unadvisable way to keep a password in a database because a hacker who obtains it can use the password as is.

Encryption
Encryption takes the password that comes in as plain text and scrambles it into a complex text called cipher text. The cipher text is then stored in the database. To retrieve the password for use, we would still need to decrypt it. Decryption is the opposite of encryption, rendering the password back to its original state of plain text. There are two forms of encryption, symmetric and asymmetric. In symmetric encryption, a cryptographic key is used. A cryptographic key is a set of algorithms that will scramble and unscramble the data to its original state. In asymmetric encryption, we use two keys, one to scramble and the other to descramble. Encryption is still not a viable solution: anyone looking to compromise security would only need to figure out which key is required to descramble. Encryption is therefore not a recommended solution for storing passwords in a database.

Hash Functions
Hash functions are the best option for storing passwords in a database. A hash function takes the user-created password and converts it into a unique cipher text. This unique cipher text is always the same length regardless of what password the user enters, so the hash reveals nothing about the length of the original password. The benefit of this method is that we can take the user-inputted password, run it through a hash function and get a hashed password as output. The advantage of this hashed password is that we cannot undo the operation, as we could with the encryption method.

Brute Force
Brute force is an action a hacker may take to decrypt the keys of a user's password. Generally, an application is used to decipher encryption keys by trial and error. With the encryption key, a hacker can easily crack the user's password. Another form of brute force is an application that automatically tries passwords until the correct password is found. For this reason, it is recommended to use a stronger password: a weak password may take a hacker a few minutes to decipher, while a stronger one may take hours or days to crack.

Rainbow Table Attack
One of the most popular methods an attacker may use to compromise password security is the rainbow table attack. Since many applications convert plain text passwords into hashes, the attacker can use a rainbow table, which is a table of precomputed hashes, and compare the application's hash to the rainbow table's hash. If both hashes match, the user is authenticated. Hackers look for websites with vulnerable password databases or use phishing techniques to gain entry to a password database. The dark web also has websites that display compromised user info. Once hackers have obtained these hashes, they can reverse the values back to plain text as long as the hashes don't include a "salt" (explained in the next section).

Salt
We can add salt to our passwords for extra security before they are hashed. With salt, our hashed password will have a different value. Salting dramatically reduces the effectiveness of a rainbow table attack. It is always recommended to use salting when storing passwords in a database.

Cost
With advanced computer technology, a hacker can generate millions, if not billions, of hashed passwords per second. Cost is a function that deliberately slows down the hashing of passwords; as computer technology improves, the computational cost is increased as well, which in turn causes the speed of hashing passwords to decrease. The hacker is then limited in how many passwords they can try per minute. Cost is an added security measure to deter hackers.
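To show why salt and cost matter together, here is an added example (my own code, not from the original post) that contrasts an unsalted SHA-256 hash, which a precomputed lookup table reverses instantly, with a salted and iterated PBKDF2 hash that the same table cannot match. The five-word list, the 16-byte salt and the iteration count are assumed sample values, and PBKDF2-HMAC from the standard library stands in for the cost function the post describes.

```python
import hashlib
import hmac
import os

# Constructed sample wordlist standing in for a precomputed (rainbow-style) table.
COMMON_PASSWORDS = ["123456", "password", "qwerty", "letmein", "hunter2"]


def unsalted_sha256(password: str) -> str:
    """Hash a password without salt: identical passwords give identical hashes."""
    return hashlib.sha256(password.encode()).hexdigest()


def build_lookup_table(words) -> dict:
    """Precompute hash -> plaintext once for a wordlist (what a rainbow table amounts to)."""
    return {unsalted_sha256(w): w for w in words}


def lookup(stored_hash: str, table: dict):
    """Reverse an unsalted hash by table lookup; None if the hash is not in the table."""
    return table.get(stored_hash)


def salted_hash(password: str, salt: bytes, iterations: int = 100_000) -> bytes:
    """Salted, cost-adjusted hash using PBKDF2-HMAC-SHA256 (assumed stand-in for 'cost').
    The per-user salt defeats precomputed tables; iterations is the tunable work factor."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)


def store_password(password: str) -> tuple:
    """What the database keeps: a random per-user salt plus the derived hash."""
    salt = os.urandom(16)  # 16 bytes is an assumed, reasonable salt size
    return salt, salted_hash(password, salt)


def verify_password(password: str, salt: bytes, stored: bytes) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    return hmac.compare_digest(salted_hash(password, salt), stored)


if __name__ == "__main__":
    table = build_lookup_table(COMMON_PASSWORDS)
    print("unsalted lookup:", lookup(unsalted_sha256("hunter2"), table))  # hunter2
    salt, stored = store_password("hunter2")
    print("salted table lookup:", lookup(stored.hex(), table))            # None
    print("salted verify:", verify_password("hunter2", salt, stored))     # True
    print("wrong password:", verify_password("password", salt, stored))  # False
```

Running it twice shows two different salted hashes for the same password, which is exactly why one precomputed table cannot serve every user.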
