The Sha256 is a function of the Sha2 algorithm (similar to versions 384, 512, and more recently 224), which is akin to Sha1, itself derived from Sha-0. This "hashing" algorithm was created by the NSA to address the security issues posed by Sha1, following the theoretical discovery of collisions at 2^63 operations.
The algorithm takes as input a message of a maximum length of 2^64 bits and produces a hash, or condensed version, of 256 bits. Sha256 is becoming increasingly common as a replacement for md5, particularly because it offers a good balance between online storage space and security. Like other cryptographic functions in its family, Sha256 is one-way, and the original message cannot be retrieved from the sha256 hash alone. Therefore, this sha256 hash needs to be compared to a database, and that's what is done here on an online password database from leaks coming from major websites. I have also searched through all possible dictionaries, which I modified for several days to obtain a truly unique dictionary.
Sha256 is a good solution for storing passwords; its security is much stronger than Md5 or Sha1. However, you should always use a salt to enhance security. The salt is a sequence, which can be random or not, that you add to the password entered by the user before hashing it to make it longer and add special characters. This will make brute-force attacks more difficult and prevent the password from being stored in online databases. Test the strength of your passwords here by comparing them to our online Sha256 hash database.