LM, reply with more details later
This website tells you how to hash passwords but since we want to make sure one HKID will always produce the same output, we will be intentionally reusing the salt site-wide:
https://crackstation.net/hashing-security.htm
If we don't want to go through the troubles of making a website (WordPress is closed source, meaning you can't see the source code and is therefore not very secure), perhaps requiring the voters to share a redacted version of their HKID card through OnionShare should be fine. (Remove metadata, upload through Tor)