Bcrypt works by adding a salt to the password before hashing it multiple times. This process makes it computationally expensive to crack the hashed password, thereby enhancing security. The salt ensures that even if two users have the same password, their hashed passwords will be different.