Bcrypt Hash & Verify
Generate bcrypt password hashes with an adjustable cost factor, or verify an existing hash against a plaintext password. Runs entirely in your browser using bcryptjs.
Hash a password
Verify a hash
About Bcrypt
Bcrypt is an adaptive password-hashing function based on the Blowfish cipher, published by Niels Provos and David Mazières in 1999. Its core feature is a tunable cost factor: as hardware gets faster you raise the cost so each hash still takes a noticeable amount of CPU time, which keeps offline guessing expensive for an attacker who has stolen your password database. Each hash also carries its own random salt, so two users with the same password get different hashes and precomputed tables are useless.
A bcrypt hash looks like: $2b$10$N9qo8uLOickgx2ZMRZoMyeIjZAgcfl7p92ldGxad68LJZdL17lhWy. It is always 60 characters: $2b$ is the variant, 10 is the cost (2^10 = 1024 iterations of the expensive key schedule), then 22 characters encoding the 128-bit salt, then 31 characters encoding 23 bytes of the 24-byte Blowfish output. Both fields use bcrypt's own base64 alphabet (./A-Za-z0-9, no padding), not the RFC 4648 one, so a standard base64 decoder will not read them. Because the variant, cost and salt travel inside the string, verifying needs only the stored hash and the candidate password.
Picking a Cost Factor
- 10: the current OWASP minimum work factor; on the order of 100 ms per hash on a modern server CPU
- 12: recommended for security-sensitive applications; four times the work of cost 10 (~400 ms)
- 14: sixteen times the work of cost 10 (~1.5 s); only practical for low-volume login flows
Each increment doubles the work, for you and for an attacker alike; the absolute figures above depend on hardware and implementation.
This page lets you raise the cost up to 14 and see how long a hash really takes on your own hardware before you ship a value to production. Keep in mind that the figure you see is bcryptjs running in your browser; a native server implementation will usually be faster, so confirm the cost on the machine that will actually verify logins, and budget for your peak login rate rather than for a single hash.
When NOT to Use Bcrypt
- For new systems, prefer Argon2id: it won the Password Hashing Competition and its memory-hardness makes GPU and ASIC attacks far less efficient than against bcrypt. OWASP lists Argon2id first, then scrypt, with bcrypt as the fallback where neither is available.
- Bcrypt uses only the first 72 bytes of the password (bytes, not characters: a 4-byte emoji counts four) and most implementations silently truncate rather than reject longer input. If you must accept long passphrases, pre-hash with SHA-256 and encode the digest (for example base64) before passing it to bcrypt, because a raw digest can contain a 0x00 byte that some implementations treat as end of string; apply the same pre-hash when verifying. Argon2id and scrypt have no such limit.
- For non-password data (file integrity, API tokens), use SHA-256 or HMAC: bcrypt is intentionally slow, capped at 72 input bytes, and the wrong tool for anything but passwords.
Frequently Asked Questions
What do the $2a$, $2b$ and $2y$ prefixes mean?
They identify the bcrypt revision. $2a$ is the long-standing revised prefix (the original $2$ is rarely seen today). $2x$ and $2y$ come from the crypt_blowfish library used by PHP, which found a sign-extension bug in its own handling of non-ASCII bytes in $2a$ hashes: $2x$ marks hashes produced by the buggy code, $2y$ marks the fixed one. $2b$ is OpenBSD's 2014 revision, which fixed a length wraparound for passwords longer than 255 bytes. For ordinary passwords all of $2a$, $2b$ and $2y$ produce the same digest, so most libraries verify any of them; $2b$ is the modern default for new hashes.