BCrypt Hash Generator Online

Generate and verify BCrypt password hashes in your browser. 100% client-side — your password never leaves your device.


What Is BCrypt?

BCrypt is a password hashing function designed by Niels Provos and David Mazières in 1999, based on the Blowfish cipher. Unlike general-purpose cryptographic hashes (MD5, SHA-1, SHA-256), BCrypt was specifically built for password storage. Its key features are:

  • Salt-based — BCrypt automatically generates and embeds a random 128-bit salt in every hash, making rainbow-table attacks useless.
  • Adaptive cost factor — The cost (or work factor) can be increased as hardware gets faster, keeping hashing computationally expensive for attackers over time.
  • Fixed-length output — Always produces a 60-character string, regardless of password length. It begins with a version prefix ($2a$, $2b$ or $2y$, depending on the implementation), followed by the cost, the salt and the hash.

Understanding the Cost Factor

The cost factor (also called the work factor or rounds) is an exponent: BCrypt's expensive Blowfish key schedule is run 2^cost times, so each increment doubles the computation time:

Cost   Iterations   Approx. time (modern CPU)   Use case
  8          256    ~25 ms                      Low-security or test environments
 10        1,024    ~100 ms                     Default; good for most web apps
 12        4,096    ~400 ms                     Recommended for sensitive data
 14       16,384    ~1.6 s                      High-security, low-volume auth

(Times are single-core approximations; each row is four times the one above, as the doubling rule implies.)

The right cost factor depends on your hardware and acceptable latency. A common recommendation is to target 100–300 ms on your production server, adjusting the cost factor upward as servers get faster over time.
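That recommendation is a measurement, not a lookup, so here is the calibration routine it implies, as an added example (not part of this page's tool, and written in Python rather than the tool's bcryptjs): time a hash at increasing cost factors on the target hardware and keep the highest one that fits the latency budget. The timing logic accepts any hash_at_cost callable and an injectable clock; the optional main block uses the PyPI bcrypt package, which is an assumption about your environment.

```python
import statistics
import time


def time_hash_ms(hash_at_cost, cost, samples=3, clock=time.perf_counter):
    """Median wall-clock time in milliseconds for one hash at `cost`.

    A median over a few samples damps scheduler noise; a single measurement
    on a busy host can easily be off by a factor of two.
    """
    durations = []
    for _ in range(samples):
        start = clock()
        hash_at_cost(cost)
        durations.append((clock() - start) * 1000.0)
    return statistics.median(durations)


def calibrate_cost(hash_at_cost, target_ms, floor=10, ceiling=31, **timing_kw):
    """Return the highest cost factor whose median hash time stays within
    `target_ms`, walking up from `floor` (each step roughly doubles the time,
    so the walk is short).

    The result never drops below `floor`: if even the floor is too slow for
    the budget, the answer is more CPU, not a weaker hash. 10 is the commonly
    cited minimum for bcrypt today.
    """
    chosen = floor
    for cost in range(floor, ceiling + 1):
        if time_hash_ms(hash_at_cost, cost, **timing_kw) > target_ms:
            break
        chosen = cost
    return chosen


if __name__ == "__main__":
    # Real measurement. Requires the PyPI 'bcrypt' package (assumed installed);
    # run it on production-equivalent hardware, not on a developer laptop.
    import bcrypt

    def bcrypt_at_cost(cost):
        bcrypt.hashpw(b"calibration-only, not a real password",
                      bcrypt.gensalt(rounds=cost))

    cost = calibrate_cost(bcrypt_at_cost, target_ms=250)
    print(f"highest cost within 250 ms: {cost} "
          f"(~{time_hash_ms(bcrypt_at_cost, cost):.0f} ms per hash)")
```

The budget is per hash, so multiply it by your peak login rate to confirm that authentication alone cannot saturate a core, and re-run the calibration after every hardware change.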

BCrypt vs MD5 / SHA-1 / SHA-256

MD5 and SHA variants are general-purpose hash functions designed for speed. A modern GPU can compute billions of SHA-256 hashes per second, making brute-force attacks on leaked databases trivially fast. BCrypt's slow, iterative design flips this advantage: even with a leaked database, attacking each password requires significant computation per guess.

Algorithm   Built for passwords?   Salt included?   Adaptive cost?   Use for passwords?
MD5         No                     No               No               Never
SHA-1       No                     No               No               Never
SHA-256     No                     No               No               No; a salt stops rainbow tables but not GPU brute force. If you are limited to SHA-2, use PBKDF2-HMAC-SHA256 with a high iteration count.
BCrypt      Yes                    Yes (built-in)   Yes              Yes — recommended
Argon2id    Yes                    Yes (built-in)   Yes              Yes — modern preferred choice

Password Storage Best Practices

  • Never store plaintext passwords — store only the hash.
  • Use Argon2id, scrypt, or BCrypt (PBKDF2-HMAC only where FIPS compliance forces it) — a fast hash such as MD5 or SHA-* is not a password hash, even with a salt.
  • Let BCrypt handle salting — do not roll your own salt logic.
  • Keep the cost factor under review — raise it when you upgrade servers, and re-hash each user's password at the new cost on their next successful login (the cost a stored hash was made with is readable from its prefix).
  • Use HTTPS everywhere — hashing is a server-side protection; it doesn't protect passwords in transit.
  • Never log passwords — not even in debug/error logs.
  • Implement rate limiting — slow hashing helps, but rate-limiting login attempts adds another layer.

Frequently Asked Questions

Is this tool safe to use with real passwords?

Yes. All hashing and verification happens entirely in your browser using the bcryptjs library. No data is transmitted to any server. That said, for maximum security, use this tool only for testing — never paste production credentials into any online tool.

Why does BCrypt hash the same password differently each time?

BCrypt generates a new random salt on every call. Two hashes of the same password will look completely different but will both verify correctly against that password. The salt is embedded in the hash string itself — no separate storage needed.

Can I use BCrypt in Node.js, Python, PHP, or Go?

Yes. Node.js: bcryptjs or bcrypt (native). Python: passlib or bcrypt. PHP: built-in password_hash($pass, PASSWORD_BCRYPT). Go: golang.org/x/crypto/bcrypt.

What is the maximum password length for BCrypt?

BCrypt uses only the first 72 bytes of the password; anything after that is silently ignored, so two passwords that agree on their first 72 bytes produce the same hash. The limit is in bytes, not characters: a passphrase in non-ASCII UTF-8 can reach it in far fewer than 72 characters. To support long passphrases, pre-hash with SHA-256 and pass the base64- or hex-encoded digest to BCrypt rather than the raw 32 bytes, which may contain a NUL byte that many implementations treat as the end of the string. For verification, use your library's verify function rather than comparing hash strings yourself; if you must compare strings, do it in constant time.
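The following added example (Python standard library only, so it runs offline; not code from this tool or from any bcrypt library) shows the truncation concretely and a pre-hash step that avoids it. bcrypt_effective_input reproduces the bytes the $2a$/$2b$ key setup reads, so the collision between two long passphrases can be checked without a bcrypt library; prehash_for_bcrypt is the SHA-256 pre-hash the FAQ recommends, with the base64 encoding and an optional server-side pepper (HMAC-SHA256) added here as hardening the FAQ does not mention. All inputs are constructed.

```python
import base64
import hashlib
import hmac
from typing import Optional

BCRYPT_MAX_KEY_BYTES = 72


def bcrypt_effective_input(password: bytes) -> bytes:
    """Return the bytes bcrypt's key setup actually consumes ($2a$/$2b$
    variants): the password plus its terminating NUL, cut off at 72 bytes.
    Anything beyond that point has no influence on the resulting hash.
    """
    if b"\x00" in password:
        # C implementations stop at the first NUL; pyca/bcrypt rejects it outright.
        raise ValueError("bcrypt passwords must not contain NUL bytes")
    return (password + b"\x00")[:BCRYPT_MAX_KEY_BYTES]


def is_truncated(password: bytes) -> bool:
    """True when bcrypt would silently ignore part of this password.
    The limit is in bytes, so non-ASCII UTF-8 hits it in fewer characters."""
    return len(password) > BCRYPT_MAX_KEY_BYTES


def prehash_for_bcrypt(password: bytes, pepper: Optional[bytes] = None) -> bytes:
    """Collapse a passphrase of any length into 44 NUL-free ASCII bytes,
    which bcrypt can then hash without truncation.

    With no pepper this is the plain SHA-256 pre-hash the FAQ describes. The
    digest is base64-encoded rather than passed raw because a raw 32-byte
    digest can contain NUL bytes (see bcrypt_effective_input). With a
    server-side pepper, HMAC-SHA256 is used instead, so an attacker holding
    a bare SHA-256 of the password from another breach cannot test it
    against this store without knowing the password itself.
    """
    if pepper is None:
        digest = hashlib.sha256(password).digest()
    else:
        digest = hmac.new(pepper, password, hashlib.sha256).digest()
    return base64.b64encode(digest)


def truncation_demo() -> dict:
    """Constructed inputs: two 73-byte passphrases that differ only in byte 73.
    bcrypt sees them as identical; the pre-hashed forms differ."""
    a = b"a" * 72 + b"X"
    b = b"a" * 72 + b"Y"
    return {
        "bcrypt_sees_same_input": bcrypt_effective_input(a) == bcrypt_effective_input(b),
        "prehash_sees_same_input": prehash_for_bcrypt(a) == prehash_for_bcrypt(b),
    }
```

If you adopt pre-hashing for an existing user base, every stored hash was made from the unhashed password, so the verify path has to know which scheme a given record uses; versioning the stored string (or migrating users on their next login) avoids locking them out.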

What does the $2b$ prefix mean?

The BCrypt hash format is $2b$[cost]$[22-char salt][31-char hash], 60 characters in total. The two-digit cost is the work factor. The salt and hash are encoded with BCrypt's own base64 alphabet (./A-Za-z0-9, in that order, not standard base64): the 22 characters carry the 128-bit salt and the 31 characters carry the first 23 of the 24 output bytes. The prefix identifies the implementation revision rather than a different algorithm: $2a$ is the original; $2y$ was introduced by the crypt_blowfish library (used by PHP) after it fixed a sign-extension bug in its handling of non-ASCII bytes, with $2x$ marking hashes produced by the buggy code; $2b$ was introduced by OpenBSD after it fixed a bug in its own implementation that affected passwords longer than 255 bytes. Most current libraries emit $2b$, PHP emits $2y$, and some (golang.org/x/crypto/bcrypt, for example) still emit $2a$. All of $2a$, $2b$ and $2y$ verify with the same algorithm, so store whatever your library produces and never rewrite the prefix by hand.
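The following added example (Python, standard library only; not code from this tool or from any bcrypt library) parses a hash string into the fields described above, decodes the salt and digest with BCrypt's alphabet to confirm the 16- and 23-byte lengths, and uses the recovered cost to decide whether a stored hash should be upgraded, which is the check behind the "keep the cost factor under review" advice in the best-practices list. The sample hash is a syntactically valid constructed string used only to exercise the parser; the block does not verify passwords.

```python
import re
from typing import NamedTuple

# bcrypt uses its own base64 alphabet (leading "./", different ordering);
# a standard base64 decoder will not decode these fields.
BCRYPT_B64_ALPHABET = "./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"

# $<version>$<cost>$<22-char salt><31-char hash>  -> 60 characters in total
_HASH_RE = re.compile(
    r"^\$(2[abxy])\$(\d{2})\$([./A-Za-z0-9]{22})([./A-Za-z0-9]{31})$"
)

# Constructed sample in the standard format, for parsing only.
SAMPLE_HASH = "$2b$12$R9h/cIPz0gi.URNNX3kh2OPST9/PgBkqquzi.Ss7KIUgO2t0jWMUW"


class BcryptHash(NamedTuple):
    version: str    # "2a", "2b", "2x" or "2y"
    cost: int       # 4..31; the key schedule runs 2**cost times
    salt: bytes     # 16 bytes (128 bits) decoded from the 22-char field
    digest: bytes   # 23 bytes decoded from the 31-char field


def bcrypt_b64decode(text: str) -> bytes:
    """Decode bcrypt's base64 variant. Trailing bits that do not fill a whole
    byte are dropped, which is how 22 characters yield exactly 16 bytes and
    31 characters yield 23."""
    acc = bits = 0
    out = bytearray()
    for ch in text:
        acc = (acc << 6) | BCRYPT_B64_ALPHABET.index(ch)
        bits += 6
        if bits >= 8:
            bits -= 8
            out.append((acc >> bits) & 0xFF)
    return bytes(out)


def parse_bcrypt_hash(hash_str: str) -> BcryptHash:
    """Split a bcrypt string into its fields, rejecting anything malformed.
    Useful for validating what gets stored and for reading the cost back."""
    m = _HASH_RE.match(hash_str)
    if not m:
        raise ValueError("not a bcrypt hash string")
    version, cost_str, salt_b64, digest_b64 = m.groups()
    cost = int(cost_str)
    if not 4 <= cost <= 31:
        raise ValueError(f"cost {cost} outside the valid range 4..31")
    return BcryptHash(version, cost,
                      bcrypt_b64decode(salt_b64), bcrypt_b64decode(digest_b64))


def needs_rehash(stored_hash: str, target_cost: int) -> bool:
    """True when a stored hash was made with a lower cost than policy now
    requires. Call this right after a successful login, while the plaintext
    is in hand, and re-hash at the new cost."""
    return parse_bcrypt_hash(stored_hash).cost < target_cost
```

Run the parser over a database dump before raising the cost: the cost histogram it gives you is the migration backlog, and any rows that fail to parse are corrupted records that will never verify.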