We use cookies to understand how DevToolsHub is used and to improve your experience. You can choose which types of cookies to allow.
Generate bcrypt password hashes with configurable rounds.
Loading...
Loading...
Bcrypt is a password hashing function designed by Niels Provos and David Mazières in 1999. It is based on the Blowfish cipher and was specifically created to address the fundamental weakness of general-purpose cryptographic hashes like MD5 and SHA-256 when used for password storage: they are too fast. Bcrypt solves this by incorporating a cost factor(also called "rounds") that determines how many iterations of the key expansion algorithm to run. Each increment of the cost factor doubles the computation time, making bcrypt deliberately slow and exponentially more resistant to brute-force attacks over time as hardware improves.
A bcrypt hash has a distinctive format that embeds all the information needed to verify a password. It looks like this: $2a$10$N9qo8uLOickgx2ZMRZoMy.Mrq4KjBmWq8SmgZgKq8Kq8Kq8Kq8Kq8. The $2a$ prefix identifies the bcrypt version, the 10 is the cost factor (2^10 = 1,024 iterations), and the remaining 53 characters encode the 22-character salt and 31-character hash. This means the salt is stored alongside the hash β you never need to track it separately.
Bcrypt also includes a built-in salt, which protects against rainbow table attacks. A salt is a random value added to the password before hashing, ensuring that even if two users have the same password, their hashes will be completely different. Bcrypt automatically generates and embeds the salt in the hash output, so there is no need to manage salts manually. This tool generates a fresh random salt for every hash operation using the bcryptjs library.
When it comes to password storage, not all hash algorithms are created equal. MD5 and SHA-1 are general-purpose cryptographic hash functions designed to be fast β they can compute millions of hashes per second on a modern GPU. This speed is their downfall for password security: if an attacker obtains your password database, they can try billions of password guesses per second against MD5 or SHA-1 hashes. SHA-256 and SHA-512 are similarly fast, making them equally unsuitable for password storage without additional iterations (which is what PBKDF2 does).
Bcrypt is fundamentally different. Its adaptive cost factormeans you can increase the difficulty over time as hardware gets faster. A cost factor of 10 (the default) means 2^10 = 1,024 iterations of the key schedule, taking roughly 100ms. At cost 12, that becomes about 400ms. At cost 14, over 1.5 seconds. This makes brute-forcing a bcrypt hash orders of magnitude more expensive than an SHA-256 hash. A GPU that can try 50 billion MD5 hashes per second might only manage a few thousand bcrypt attempts β a difference of millions of times.
Bcrypt also has a maximum input length of 72 bytes. For most passwords this is not an issue, but if you are hashing long passphrases, you should pre-hash them with a fast algorithm like SHA-256 and then bcrypt the result. Other password-specific algorithms like scrypt and Argon2 offer additional protections (memory hardness), but bcrypt remains the most widely supported and battle-tested option for password storage.
Loading...