The algorithm commonly used for password hashing is Bcrypt, which is designed to be computationally intensive to make brute-force attacks more challenging. Bcrypt incorporates a technique called salting, which adds a random value to passwords before hashing, ensuring that identical passwords do not generate the same hash. This enhances security by thwarting attackers who may use precomputed databases of hashed passwords. Bcrypt's adaptability via its cost factor also allows developers to adjust the hashing complexity as computing power improves.