Hashing vs. Encryption: What’s the Difference? Full 2024 Guide

Tim Mocan
Tim Mocan Senior Writer
Fact-checked by Kate Davidson
Tim Mocan Tim Mocan Senior Writer
Fact-checked by Kate Davidson

Both hashing and encryption are essential security processes. They keep your data safe both online and offline and ensure that cybercriminals can’t monitor it, steal it, or tamper with it.

Telling the difference between the two can be really difficult. Just reading the Wikipedia pages for hashing and encryption won’t help — in fact, it will probably leave you more confused. And while there are many online articles discussing hashing and encryption, a lot of them are either hard to follow or just inaccurate.

Since I have tons of experience with both, I decided to put together this straightforward guide. I have been writing about cybersecurity topics for 6+ years and have often covered topics related to encryption or hashing (or both).

In this guide, I cover what both hashing and encryption are and how they work, and I also discuss real-life scenarios where both are used — for example, hashing is used by companies to securely store logins, whereas encryption is used by virtual private networks (VPNs) like ExpressVPN to protect your in-transit web data. Read on to find out more. Editors' Note: ExpressVPN and this site are in the same ownership group.

Try ExpressVPN Now

Hashing vs. Encryption: Quick Overview

Encryption Hashing
Protects Data While In: Transit Storage
Can Be Reversed ✅ (via decryption)
Common Algorithms ECDSA, DH, RSA (asymmetric encryption)

AES, ChaCha20, Camellia (symmetric encryption)

SHA-1, SHA-2, SHA-3 (SHA family)

BLAKE, BLAKE2, BLAKE3 (BLAKE family)

RIPEMD, RIPEMD-128, RIPEMD-160, RIPEMD-256, and RIPEMD-320 (RIPEMD family)

Use Cases Messaging apps, VPNs, online banking, online purchases, Wi-Fi networks, file storage File integrity verification, password storage, digital signatures, cryptocurrencies

What Is Encryption?

Encryption is a security process that uses an encryption algorithm and an encryption key to turn readable data into ciphertext (encrypted text). It essentially turns plain text data, like names, email addresses, passwords, or other sensitive information, into a string of random characters.

Encryption is a two-way process, meaning that encrypted data can be decrypted — but only by the intended recipient of the data, which has access to a decryption key. Encryption can be used to secure stored data and to protect in-transit data (like messages, online purchases, or general web browsing).

What Does Encrypted Data Look Like?

Let’s say you want to encrypt the following readable data: “thisismypassword.”

If you use an encryption algorithm to make the data unreadable, you’d get this:

“lFbAdj1jVWxLpSFG6DqSky/jJ3Nnn1h7dZiGd9Fwxvo=.”

What Is Hashing?

Hashing is a cryptographic security process that uses a hash function (also called a hash algorithm) to convert data to fixed-sized values. You could take plain text, like a password, and turn it into a hashed value, which is going to look like a random string of hexadecimal characters.

Hashing is a one-way process, which means you can’t directly reverse it. Due to that, hashing is normally used to verify the authenticity of stored data, and to ensure it hasn’t been altered. It’s also used to secure stored data — for example, a company might hash user passwords to ensure the logins stay safe even if the company suffers a data breach.

What Does Hashed Data Look Like?

Let’s say you have the following plain text: “1234password.”

If you use a hashing function to scramble it, you’d get the following hashing value:

“0b6571d043ac6b01fa45da96068045e07ff695b10b9c6157dab41a3392b65779a19662cc6e43f8abe528a4c933488c24df9a0940784b94ae22cd9b8cc1a75647.”

How Does Encryption Work?

Encryption uses an algorithm (a set of rules) to turn readable data into encrypted data. The algorithm relies on encryption and decryption keys — these are unique pieces of information that determine how the readable data is encrypted and decrypted.

How Does Encryption Work?

There are 2 types of encryption methods that are widespread nowadays:

  • Symmetric Encryption. This type of encryption relies on a symmetric encryption key, which means the same encryption key is used for both the encryption and the decryption process. The key is shared securely between the sender and the receiver to ensure safe access to the encrypted data.
  • Asymmetric Encryption. In this case, two different encryption keys are used — a public encryption key and a private encryption key. The public key encrypts the data, while the private key decrypts it. With this type of encryption, only the private key needs to be shared and stored securely.

I have also seen some online sources mention hybrid encryption, which basically uses elements from both symmetric and asymmetric encryption. But hybrid encryption isn’t very popular, mostly because it’s really complicated to implement.

How Does Hashing Work?

Hashing uses a hash function, which is basically an algorithm, to scramble and link readable data (also called input data or keys) to hash values, which are fixed-sized strings of characters, numbers, and letters. Once data is hashed, there’s no way to reverse the process.

Hash functions are used alongside a hashing table. This is a data structure that is used to store, retrieve, and remove data input and hash value pairings. To keep it really simple, the hashing table is the thing that’s responsible for actually mapping data inputs to hash values. Basically, the hash function translates the input data into an index (also called a hash code), which is then added to the hashing table — afterwards, the index is linked to the hash value, which is also stored in the hashing table.

How Does Hashing Work?

Due to the way hashing works, hash collisions can occur — this is basically when two or more data inputs are linked to the same hash value. Since malicious actors could exploit this vulnerability, most strong hashing functions are designed to be very collision-resistant (they minimize hash collisions as much as possible).

What Is Salting?

Salting is an extra step added to the hashing process, which is intended to enhance the uniqueness of the resulting hash values. This way, they are less susceptible to brute-force attacks, which are cyberattacks that use trial and error to crack encrypted content. Salting can be used when securing any type of content, but it’s mostly utilized when storing passwords.

Salting works really simply — a cryptographically secure function (basically, an algorithm) is used to automatically generate a value, which is called a “salt.” The value is then automatically added to the input data, basically the password. The value can be added either at the beginning or at the end of the password.

For example, let’s say we’re using “log1n” as input data, and “23DF$r” as the salt. After salting, the input data would look like this “23DF$rlog1n,” or like this “log1n23DF$r.” After that, the input data is hashed with a hash function, resulting in a more resilient hash value.

How Does Hashing Work?

This process is handled by companies that secure and store sensitive data, so you won’t notice or have to take any extra steps on your end as a regular internet user. Ideally, a company would automatically implement salting whenever a user creates a new login and then hash and securely store that data.

Common Encryption Algorithms

There are tons of encryption algorithms in use. You might also see people referring to them as ciphers, which is basically an interchangeable term for “algorithm.” Note that each type of encryption (asymmetric and symmetric) uses different algorithms.

In the table below, I chose to only include algorithms that are widely adopted and have legitimate uses. In addition, I only included algorithms that are secure — I didn’t talk about algorithms that have been discontinued or proven unsecure, as they’re not relevant.

Type of Encryption Encryption Algorithm Quick Notes
Asymmetric Encryption Elliptic Curve Digital Signature Algorithm (ECDSA) Often used in secure messaging apps, implemented in Bitcoin security, and also used to encrypt communications between web browsers and web apps.
Diffie-Hellman (DH) Mainly used to protect data that’s sent over a poorly-secured network or channel. This algorithm is often used by Wi-Fi networks and top VPNs, like ExpressVPN for example
Rivest-Shamir-Adleman (RSA) Commonly used to secure data sent over the web, like digital signatures, messages, and logins.
Symmetric Encryption Advanced Encryption Standard (AES) An extremely strong encryption algorithm that’s used by banks, military institutions, and top VPNs.
ChaCha20 Has the same level of security as AES. But it provides better performance on devices that don’t have AES hardware acceleration (like some mobile devices). Is mainly used by the WireGuard VPN protocol.
Camellia Just as secure as AES, but doesn’t have the same level of adoption. That said, it can be used by the OpenVPN protocol, and it’s also included in various security libraries.

Editors' Note: ExpressVPN and this site are in the same ownership group.

Common Hashing Algorithms

As in the previous section, I’ve only included hashing algorithms that are widely used and also secure. So, for example, I won’t cover the Message Digest Algorithm (MD5) — while it’s well-known, it’s not secure since it has significant issues with hash collisions.

Here are the most common hash functions:

  • Secure Hash Algorithms (SHA). This is a family of algorithms that has evolved over the years. The full list includes SHA-1, SHA-2, and SHA-3. SHA-1 is no longer considered secure since it’s very likely to create hash collisions, so SHA-2 is generally used instead as it’s more secure. SHA-3 provides better protection against certain cyber attacks than SHA-2, but it’s not so widely adopted because it’s much slower than SHA-2.
  • BLAKE. Another cryptographic algorithm family, which consists of BLAKE, BLAKE2, and BLAKE3. All algorithms are very secure, and BLAKE2 is considered to be as secure as SHA-3. However, most BLAKE algorithms are faster than SHA-2 and SHA-3. Also, one of BLAKE2’s variants (BLAKE2s) is used by the WireGuard VPN protocol.
  • RIPE Message Digest (RIPEMD). A family of hash functions that includes RIPEMD, RIPEMD-128, RIPEMD-160, RIPEMD-256, and RIPEMD-320. Out of those, RIPEMD-160 is the most commonly used, especially in cryptocurrencies. RIPEMD and RIPEMD-128, however, are generally no longer used because they’re not considered secure — I only added them here because they’re part of the RIPEMD cipher family.

When Is Encryption Used?

Encryption is used in tons of scenarios, so I’m just going to highlight a few well-known ones:

  • Messaging apps. Some messaging services use encryption to secure user messages. Some (like Signal) even use end-to-end encryption, which means that not even the messaging app can decrypt users’ messages.
  • Online banking and purchases. Financial services and eCommerce platforms use encryption to make sure that nobody can monitor users’ transactions and payment data.
  • Wi-Fi networks. All Wi-Fi networks come with the option to encrypt all network traffic. This prevents anyone from spying on the activities of people connected to a Wi-Fi network.
  • VPNs. VPN services use encryption to protect their users’ web traffic, ensuring that third parties can’t monitor it. All top VPNs (like ExpressVPN and Private Internet Access) use the very secure AES algorithm, which is also used by military and financial institutions.
  • File storage. Many apps and even operating systems allow you to encrypt local files, so that nobody can access them if they use your device.

Editors' Note: Intego, Private Internet Access, CyberGhost and ExpressVPN are owned by Kape Technologies, our parent company

When Is Hashing Used?

Like encryption, hashing also has tons of use cases. So, I’ll only mention a few notable ones:

  • Password storage. Hashing provides extra security when storing passwords, by storing hash values instead of the actual passwords — this way, a data breach can’t compromise the actual passwords. 1Password, for example, uses the SHA-256 algorithm to keep users’ passwords safe.
  • File integrity verification. Hashing can be used while sharing and downloading files to ensure that nobody has tampered with the data being transferred.
  • Cryptocurrencies. Many cryptocurrency systems use hashing to protect against Distributed-Denial-of-Service (DDoS) attacks and to also ensure that all data shared over the system is authentic and secure.
  • Digital signatures. Hashing is used to secure digital signatures, generating a hash value when a signature occurs. The hash value then acts as a sort of digital fingerprint that’s unique to the document that was signed.

Frequently Asked Questions

What’s the main difference between hashing and encryption?

There are multiple differences, but really the main one (which is also the easiest to understand) is that encryption is reversible, whereas hashing is irreversible. So, any file that’s scrambled via hashing can’t be returned to its original, readable state. On the other hand, encryption makes data unreadable, but it can also make it readable again via the decryption process.

Is hashing better than encryption?

Neither is better than the other — both hashing and encryption are used to secure data, but each process has its own use cases. For example, encryption is used by messaging apps, Wi-Fi networks, and virtual private networks (VPNs) to protect in-transit web data, whereas hashing is used by companies to secure passwords and verify the integrity of transferred files.

Does hashing encrypt data?

No — hashing instead irreversibly transforms plaintext data into unreadable data. It achieves the same end result as encryption (making data unreadable), but it doesn’t actually encrypt anything. If it were to do that, it’d mean the data could also be decrypted to be made readable again.

Is encryption reversible?

Yes, encryption is a two-way process. It uses an encryption key to make data unreadable, and a decryption key to make it readable again. Hashing, on the other hand, is irreversible — you can’t turn data into plaintext once you’ve made it unreadable.

The listings featured on this site are from companies from which this site receives compensation and some are co-owned by our parent company. This influence: Rank and manner in which listings are presented. 
Learn more
About the Author
Tim Mocan
Tim Mocan
Senior Writer

About the Author

Tim Mocan is a Senior Writer at SafetyDetectives. He has 5+ years of experience researching and writing about cybersecurity topics, and he specializes in VPNs. Prior to joining SafetyDetectives, he worked as a contributor for other VPN review websites and as a content writer for several VPN providers. Throughout his freelance writing career, he has also covered other niches, including SEO, digital marketing, customer loyalty, home improvement, and health and rehab. Outside of work, Tim loves to spend his time traveling, playing video games, binging anime, and using VPNs (yes, really!).

Leave a Comment