What is a password hash?

Study for the EC-Council Digital Forensics Essentials (DFE) Test. Enhance your skills with multiple choice questions, each with detailed hints and explanations. Get ready to ace your exam!

A password hash is best described as an irreversible signature generated by a one-way algorithm. This means that when a password is hashed, it undergoes a mathematical transformation that produces a fixed-size string of characters, which is, for practical purposes, unique to the original password. This hashing process ensures that the original password cannot be retrieved from the hash itself, thereby providing a layer of security.

The use of one-way algorithms is critical because it allows systems to verify a password without needing to store the actual password itself—only its hash. When a user attempts to log in, the system hashes the entered password and compares this hash to the stored hash. If they match, the password is deemed correct, but the original password remains protected.

In contrast, reversible encryption implies that the original data can be retrieved, which is not how hashing works. A password hash is also not a temporary token or a type of authentication method; it is a secure representation of the user’s credentials. Therefore, the only statement that accurately describes a password hash is that it is an irreversible signature generated by a one-way algorithm.
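
The login check described above, as an added Python example that is not part of the original page. It goes beyond the text by adding a per-user salt and PBKDF2 key stretching, a common way to store password hashes; the function names, iteration count, salt length and sample passwords are assumptions.

```python
import hashlib
import hmac
import os
from typing import Optional

# Assumed parameters for this example (not taken from the page).
ITERATIONS = 600_000
SALT_LEN = 16


def hash_password(password: str, salt: Optional[bytes] = None) -> dict:
    """Build the record a system stores: salt, iteration count and digest, never the password."""
    if salt is None:
        salt = os.urandom(SALT_LEN)  # random per-user salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return {"salt": salt, "iterations": ITERATIONS, "digest": digest}


def verify_password(candidate: str, record: dict) -> bool:
    """Hash the login attempt with the stored salt and compare it to the stored digest."""
    attempt = hashlib.pbkdf2_hmac(
        "sha256", candidate.encode("utf-8"), record["salt"], record["iterations"]
    )
    # Constant-time comparison avoids leaking how many leading bytes matched.
    return hmac.compare_digest(attempt, record["digest"])


def demo() -> dict:
    """Enroll one constructed sample password and run the checks the text describes."""
    sample = "correct horse battery staple"  # constructed sample value
    record = hash_password(sample)
    second = hash_password(sample)  # same password, fresh salt
    short = hash_password("a")
    return {
        "right_password": verify_password(sample, record),
        "wrong_password": verify_password("Correct horse battery staple", record),
        # Fixed-size output regardless of input length (32 bytes for SHA-256).
        "digest_lengths": (len(record["digest"]), len(short["digest"])),
        # The salt makes two records for the same password differ.
        "same_password_same_digest": record["digest"] == second["digest"],
        # The stored record holds only bytes derived from the password.
        "password_in_record": sample.encode() in record["digest"] + record["salt"],
    }


if __name__ == "__main__":
    print(demo())
```

The stored record can confirm a guess but gives no direct way back to the password, which is why recovering a password from a hash means trying candidate passwords one at a time.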
