Bcrypt

Free online tool. All processing is client-side. No signup needed.

How to Use the Bcrypt Hash Generator

  1. Enter your input values above
  2. Results update automatically
  3. Copy or download the output

What is a Bcrypt Hash Generator?

A Bcrypt Hash Generator creates secure password hashes using the bcrypt algorithm — the gold standard for password storage in web applications since 1999. Unlike fast hash functions (SHA-256, MD5), bcrypt is deliberately SLOW (configurable cost factor) and includes a random salt to resist brute-force and rainbow table attacks. A bcrypt hash at cost factor 12 takes ~0.3 seconds to compute — negligible for login, but devastating for attackers trying billions of guesses per second. In 2026, bcrypt remains the recommended choice alongside Argon2id for password hashing.

How Does It Work?

Enter a password and select the cost factor (10-14; higher = slower but more secure). The generator creates a 16-byte random salt, then runs the bcrypt key derivation function: it hashes (salt + password) repeatedly (2^cost iterations), producing a 184-bit hash. The output format is $2b$12$[22-char-salt][31-char-hash]. The cost factor and salt are embedded in the output string, so verification knows exactly how to recompute the hash. All processing is client-side.

Formula

Bcrypt Algorithm:

Output Format: $2b$<cost>$<22-char-salt><31-char-hash>

Components:
• $2b$ = Algorithm version (b = February 2014 bug fix)
• $12$ = Cost factor (2^12 = 4,096 iterations)
• 22 char salt = 128-bit random value, Base64 encoded
• 31 char hash = 184-bit Blowfish-derived output

Cost Factor vs. Time (approximate, 2026 hardware):
• 10 → ~0.08s (okay, but consider higher)
• 12 → ~0.3s (recommended for most apps)
• 14 → ~1.2s (high security, acceptable for login)

Salt: 128 random bits, unique per hash — prevents rainbow table attacks
Work Factor: doubles with each increment (+1 = 2× iterations)

Verification: bcrypt.compare(plaintext, hash) → boolean

Frequently Asked Questions about Bcrypt

Bcrypt vs Argon2 — which should I use?

Both are excellent. Bcrypt is battle-tested (25+ years), has the broadest library support, and is simpler. Argon2id (2015) won the Password Hashing Competition, is more resistant to GPU/ASIC attacks, and supports memory hardness as well as CPU hardness. New projects should consider Argon2id; existing bcrypt implementations are still secure.

What if my user's password is longer than 72 characters?

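Bcrypt's 72-byte input limit means very long passwords are truncated. For most users this is fine (few have 72+ char passwords). For maximum security, pre-hash long passwords with SHA-256 before bcrypt, or switch to Argon2id. If you pre-hash, pass bcrypt an encoded digest (hex or Base64) rather than the raw bytes, because a raw digest can contain a NUL byte, which some bcrypt implementations treat as the end of the input.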
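
The hash string layout from the Formula section and the 72-byte limit from the answer above, as an added JavaScript example (not code from this tool): it splits a stored hash into its fields, decodes the salt with bcrypt's own Base64 alphabet, flags hashes below a required cost, and counts UTF-8 bytes rather than characters. The function names and the sample hash are constructed for illustration.

```javascript
// bcrypt uses its own Base64 alphabet (not RFC 4648) and no padding.
const B64 = './ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
const HASH_RE = /^\$(2[abxy]?)\$(\d{2})\$([.\/A-Za-z0-9]{22})([.\/A-Za-z0-9]{31})$/;

// Split "$2b$12$<22-char-salt><31-char-hash>" into fields; null if malformed.
function parseBcryptHash(hash) {
  const m = HASH_RE.exec(hash);
  if (!m) return null;
  const cost = Number(m[2]);
  if (cost < 4 || cost > 31) return null; // cost range bcrypt accepts
  return { version: m[1], cost, iterations: 2 ** cost, salt: m[3], digest: m[4] };
}

// Decode the 22-char salt to 16 raw bytes (MSB-first; 4 trailing bits unused).
function decodeSalt(salt) {
  const bytes = [];
  let acc = 0, nbits = 0;
  for (const ch of salt) {
    acc = (acc << 6) | B64.indexOf(ch);
    nbits += 6;
    if (nbits >= 8) {
      nbits -= 8;
      bytes.push((acc >> nbits) & 0xff);
      acc &= (1 << nbits) - 1;
    }
  }
  return Uint8Array.from(bytes);
}

// True when a stored hash was made below the cost now required, so it
// should be re-hashed after the user's next successful login.
function needsRehash(hash, minCost) {
  const p = parseBcryptHash(hash);
  if (!p) throw new Error('not a bcrypt hash');
  return p.cost < minCost;
}

// The limit is 72 bytes, not characters: count the UTF-8 encoding.
function exceedsBcryptLimit(password) {
  return new TextEncoder().encode(password).length > 72;
}

// Constructed sample value, not the hash of any real password.
const SAMPLE = '$2b$12$abcdefghijklmnopqrstuuABCDEFGHIJKLMNOPQRSTUVWXYZ0123.';
console.log(parseBcryptHash(SAMPLE), decodeSalt('abcdefghijklmnopqrstuu'));
console.log(exceedsBcryptLimit('\u00e9'.repeat(40))); // 40 characters, 80 bytes
```

Re-hashing to a higher cost can only happen at login, when the plaintext is available; the stored string alone is enough to decide which accounts need it.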

Free online Bcrypt — no signup, 100% client-side processing. All data stays in your browser.