byte[] key = new byte[256];
    byte[] hashes = new byte[hashBytes * 256];

    // Hash keys of the form {}, {0}, {0,1}, {0,1,2}... up to N=255,using 256-N as the seed
    for (int i = 0; i < 256; i++) {
      key[i] = (byte) i;
      int seed = 256 - i;
      byte[] hash = hashFunction.hash(Arrays.copyOf(key, i), seed);
      System.arraycopy(hash, 0, hashes, i * hashBytes, hash.length);
    }

 *       these feats has become computationally feasible, the function is deemed "broken" and should
 *       no longer be used for secure purposes. (This is the likely eventual fate of <i>all</i>
 *       cryptographic hashes.)
 *   <li><b>fast:</b> perhaps self-explanatory, but often the most important consideration.
 * </ul>
 *
 * <h3>Providing input to a hash function</h3>
 *

 *       these feats has become computationally feasible, the function is deemed "broken" and should
 *       no longer be used for secure purposes. (This is the likely eventual fate of <i>all</i>
 *       cryptographic hashes.)
 *   <li><b>fast:</b> perhaps self-explanatory, but often the most important consideration.
 * </ul>
 *
 * <h3>Providing input to a hash function</h3>
 *

  }

  private static <E> List<E> list(E... elements) {
    return ImmutableList.copyOf(elements);
  }

  /**
   * Utility method to verify that the given LinkedHashSet is equal to and hashes identically to a
   * set constructed with the elements in the given collection. Also verifies that the ordering in
   * the set is the same as the ordering of the given contents.
   */

 * @since 16.0
 */
@Beta
@ElementTypesAreNonnullByDefault
public final class HashingOutputStream extends FilterOutputStream {
  private final Hasher hasher;

  /**
   * Creates an output stream that hashes using the given {@link HashFunction}, and forwards all
   * data written to it to the underlying {@link OutputStream}.
   *
   * <p>The {@link OutputStream} should not be written to before or after the hand-off.
   */

If your database is stolen, the thief won't have your users' plaintext passwords, only the hashes.

So, the thief won't be able to try to use that password in another system (as many users use the same password everywhere, this would be dangerous).

## Install `passlib`

PassLib is a great Python package to handle password hashes.

It supports many secure hashing algorithms and utilities to work with them.

            function.bits(),
            function);
      }
    }

    @Override
    HashCode makeHash(Hasher[] hashers) {
      byte[] bytes = new byte[bits() / 8];
      int i = 0;
      for (Hasher hasher : hashers) {
        HashCode newHash = hasher.hash();
        i += newHash.writeBytesTo(bytes, i, newHash.bits() / 8);
      }
      return HashCode.fromBytesNoCopy(bytes);

func crcHashMod(key string, cardinality int) int {
	if cardinality <= 0 {
		return -1
	}
	keyCrc := crc32.Checksum([]byte(key), crc32.IEEETable)
	return int(keyCrc % uint32(cardinality))
}

func hashKey(algo string, key string, cardinality int, id [16]byte) int {
	switch algo {
	case formatErasureVersionV2DistributionAlgoV1:
		return crcHashMod(key, cardinality)

import jcifs.smb1.smb1.NtlmPasswordAuthentication;
import jcifs.smb1.util.Base64;

/**
 * This class is used internally by <tt>NtlmHttpFilter</tt>,
 * <tt>NtlmServlet</tt>, and <tt>NetworkExplorer</tt> to negiotiate password
 * hashes via NTLM SSP with MSIE. It might also be used directly by servlet
 * containers to incorporate similar functionality.
 * <p>
 * How NTLMSSP is used in conjunction with HTTP and MSIE clients is

But you cannot convert from the gibberish back to the password.

##### Why use password hashing

If your database is stolen, the thief won't have your users' plaintext passwords, only the hashes.

So, the thief won't be able to try to use those same passwords in another system (as many users use the same password everywhere, this would be dangerous).

//// tab | Python 3.10+

```Python hl_lines="82-85"