How to decrypt a string

How to recover the string value after using FormsAuthentication.HashPasswordForStoringInConfigFile()

I have a string s1 = "abc", then

FormsAuthentication.HashPasswordForStoringInConfigFile(s1, "SHA1") = A9993E364706816ABA3E25717850C26C9CD0D89D

How can I decrypt "A9993E364706816ABA3E25717850C26C9CD0D89D" back to "abc" ??

+6
c# forms-authentication
2 answers

You cannot; the hash function is one-way. That is why it is used for passwords: you cannot get the password back from the hash value using some inverse function.

+19

Following on from Baguette's answer. The reason you use passwords is to avoid having to store the plaintext password for authentication.
Instead, you store a password hash.
After that, the authentication / login process will look something like this:

The user enters a password.
Hash the password they enter.
Compare the entered hash with the stored hash.
If the hashes match, then the password is valid, so the user is authenticated.

The reason for this is to protect user authentication data. Therefore, if your password file or database somehow becomes publicly available, the attacker cannot claim to be a real user.

Thus, the nature of the hashing function means it is one-way, and therefore the original plain text cannot be restored.

That's the theory; of course, in practice it becomes more complex. Most users tend to use passwords that they can easily remember, so this means that all your security efforts can be nullified, because if someone got hold of your password / DB file, then offline they can create a dictionary of common words and iterate and hash until they find the corresponding hash in your list.

To avoid this, many people use the "salting" method, where a short cryptographically "random" string is added to the password before hashing. Read this for more details.

Another issue here is the strength of your hash algorithm - you need to make sure that you cannot create a "collision", that is, two pieces of plaintext that produce the same value of the hash function.
Many older hashing algorithms, such as MD5 and SHA1, are increasingly becoming vulnerable in this regard.

MD5 is considered broken
SHA1 is also considered broken

Hope this helps, and I understand that it's probably a little more than you asked, but I think it is important that people understand the security problems when implementing authentication code.

+13
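
The login flow and salting described in the answer above, as an added example that is not part of the original answers. It assumes .NET 6 or later and swaps a plain salted hash for PBKDF2-HMAC-SHA256; the iteration count, sizes and the `salt:hash` record format are illustrative assumptions. `UnsaltedSha1` computes the kind of value shown in the question, for contrast.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class PasswordHashDemo
{
    // Assumed parameters for illustration; tune the iteration count to your hardware.
    const int SaltBytes = 16, HashBytes = 32, Iterations = 100_000;

    // Unsalted SHA-1 as uppercase hex of the UTF-8 bytes: the same input
    // always gives the same output, so equal passwords are visible as equal hashes.
    static string UnsaltedSha1(string password)
    {
        using var sha1 = SHA1.Create();
        return Convert.ToHexString(sha1.ComputeHash(Encoding.UTF8.GetBytes(password)));
    }

    // Registration: fresh random salt per user, then a slow keyed derivation.
    // Only "salt:hash" is stored; the password itself never is.
    static string CreateRecord(string password)
    {
        byte[] salt = RandomNumberGenerator.GetBytes(SaltBytes);
        byte[] hash = Rfc2898DeriveBytes.Pbkdf2(
            password, salt, Iterations, HashAlgorithmName.SHA256, HashBytes);
        return Convert.ToBase64String(salt) + ":" + Convert.ToBase64String(hash);
    }

    // Login: re-derive from the entered password with the stored salt and
    // compare in constant time. Nothing is ever "decrypted".
    static bool Verify(string entered, string record)
    {
        string[] parts = record.Split(':');
        if (parts.Length != 2) return false;
        byte[] salt = Convert.FromBase64String(parts[0]);
        byte[] expected = Convert.FromBase64String(parts[1]);
        if (expected.Length != HashBytes) return false; // reject truncated records
        byte[] actual = Rfc2898DeriveBytes.Pbkdf2(
            entered, salt, Iterations, HashAlgorithmName.SHA256, HashBytes);
        return CryptographicOperations.FixedTimeEquals(actual, expected);
    }

    static void Main()
    {
        Console.WriteLine(UnsaltedSha1("abc"));            // digest of the question's input
        string a = CreateRecord("abc"), b = CreateRecord("abc");
        Console.WriteLine(a != b);                         // same password, different records
        Console.WriteLine(Verify("abc", a));               // correct password
        Console.WriteLine(Verify("abd", a));               // wrong password
    }
}
```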
