What Is PBKDF2? Password Hashing in Plain English

GlossaryJune 19, 20262 min read

PBKDF2 stands for Password-Based Key Derivation Function 2. It's a standardized algorithm that turns a password into a strong cryptographic key by hashing it many thousands of times. You'll see it mentioned in password managers, login systems, and encryption tools — it's one of the quiet workhorses keeping your secrets safe.

The problem PBKDF2 solves

Passwords are short, predictable, and low-entropy compared to proper cryptographic keys. If a service simply hashed your password once and stored it, an attacker who stole the database could try billions of guesses per second on modern hardware.

PBKDF2 fixes this by making each guess deliberately slow and expensive. It does this with two tricks: salting and iteration.

How PBKDF2 works

Salt: a unique random value is added to your password before hashing. This means two people with the same password get completely different results, and attackers can't use precomputed "rainbow tables."
Iteration: the hash function is applied over and over — thousands or hundreds of thousands of times. The output of each round feeds into the next.

The result is a derived key that's effectively impossible to reverse, and slow to brute-force.

Why the iteration count matters

The "iteration count" (or "work factor") is the number of times PBKDF2 repeats its hashing. Higher counts make each password attempt take longer:

For you, logging in once, the delay is imperceptible — a fraction of a second.
For an attacker trying billions of guesses, that tiny delay multiplies into years of compute.

As hardware gets faster, recommended iteration counts go up. This is why modern systems use far higher counts than they did a decade ago, and why you'll sometimes see security tools bump their iteration count in updates.

PBKDF2 vs. newer algorithms

PBKDF2 is well-tested and widely supported, but newer functions like bcrypt, scrypt, and Argon2 were designed to also resist attacks using specialized hardware (GPUs and ASICs) by demanding lots of memory, not just time. PBKDF2 is still considered secure when configured with a high iteration count, but Argon2 is often the modern recommendation for new systems.

Why this matters for your password

No matter how good PBKDF2 is, it can only buy time — it can't save a weak password forever. A strong, high-entropy password combined with a slow key derivation function is what makes cracking impractical. That's the whole game: make each guess expensive, and make sure there are far too many possible passwords to guess. Learn more about how hackers crack passwords.

Where Passlock fits

Passlock relies on the native macOS Keychain, which uses Apple's hardened cryptography and secure hardware to protect your data — the same defense-in-depth philosophy PBKDF2 represents. You don't have to configure any of this, but it helps to understand that the strength of any vault comes from two things working together: a tough key derivation step like PBKDF2, and a strong master password only you know.

Frequently asked questions

What is PBKDF2 used for?

PBKDF2 turns a password into a secure cryptographic key by salting it and hashing it many thousands of times. It's used to protect stored passwords and to derive encryption keys in password managers and login systems.

Why does PBKDF2 use so many iterations?

Each iteration makes one password guess slightly slower. That's unnoticeable when you log in once, but it multiplies into an enormous cost for an attacker trying billions of guesses, which is the point.

Is PBKDF2 still secure?

Yes, when configured with a high iteration count. Newer algorithms like Argon2 add resistance to specialized hardware attacks and are often recommended for new systems, but PBKDF2 remains widely trusted.