22.11.2017, 17:27
Quote:
A hashing algorithm that creates a different hash for the same input cannot be used for password validity checks.
When you hash a password, no matter whether it equals the same one or has a 1-character difference, it will always produce a different hash; the salt is stored with the result, same as the power of the hashing algorithm.
There's a special validation function for it to check if two passwords match.
(Well, the salt and the power are present, so you just take them both and use them against the unhashed password: match or no match.)
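The scheme described in the reply above, as an added example that is not part of the original post: a random salt and the cost ("power") are stored next to the digest, and verification re-derives the digest from the candidate password using those stored values. The post does not name an algorithm, so PBKDF2-HMAC-SHA256 from the Python standard library is assumed here; the record layout and the names `hash_password`, `verify_password` and `MAX_COST` are hypothetical.

```python
import base64
import hashlib
import hmac
import os

SCHEME = "pbkdf2-sha256"   # assumed algorithm, not named in the post
MAX_COST = 2_000_000       # refuse absurd costs from a tampered record


def _b64(data: bytes) -> str:
    return base64.b64encode(data).decode("ascii")


def hash_password(password: str, cost: int = 100_000) -> str:
    """Return 'scheme$cost$salt$digest'; a fresh salt makes every record unique."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, cost)
    return "$".join([SCHEME, str(cost), _b64(salt), _b64(digest)])


def verify_password(password: str, stored: str) -> bool:
    """Re-derive the digest with the stored salt and cost, then compare."""
    try:
        scheme, cost_s, salt_b64, digest_b64 = stored.split("$")
        cost = int(cost_s)
        salt = base64.b64decode(salt_b64, validate=True)
        expected = base64.b64decode(digest_b64, validate=True)
    except ValueError:  # wrong field count, bad integer, or bad base64
        return False
    if scheme != SCHEME or not 1 <= cost <= MAX_COST or not expected:
        return False
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, cost, dklen=len(expected)
    )
    # Constant-time comparison avoids leaking how many bytes matched.
    return hmac.compare_digest(candidate, expected)


if __name__ == "__main__":
    first = hash_password("correct horse")    # constructed sample password
    second = hash_password("correct horse")
    print(first != second)                           # records differ
    print(verify_password("correct horse", first))   # same password verifies
    print(verify_password("correct horsf", first))   # one character off fails
```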