You can’t decrypt a hash, so stop saying that please

Hashing is the process of taking a piece of data and turning it into unrecognizable mush. There are different hashing algorithms, with one of the most popular being one called SHA-256. If you apply the SHA-256 hashing algorithm to the word password, this is what the resulting hash looks like:


What we just did is we hashed the word password. However, we did not encrypt the word password. “Encrypting” implies that something can be decrypted, which is not possible with a hash. “Decrypting” means to apply a process to transform data back to its original form, but hashing is a one-way function, meaning a hash cannot be decrypted.

We can find out what this hash started out as (namely, the word password). To do this, we will first create a large table of hashes created from known passwords (like password) by taking the 1000 most popular passwords and hashing them with the SHA-256 algorithm. Then we will look up the hash in the table, and find the password associated with it.

This process is called cracking a hash. Cracking means looking it up. Decrypting means transforming it. Do you get the difference?

I certainly hope so. Please never, ever say “we decrypted the hash.” Doing this makes you sound ignorant. I don’t want you to sound ignorant. Say “we cracked the hash” instead.