KDFs 7 tools Browser only

Key Derivation & Password Hashing

Modern password hashing algorithms designed to resist brute-force attacks. Argon2 winner of Password Hashing Competition, bcrypt, scrypt, PBKDF2, and HKDF.

About KDFs

KDFs derive cryptographic keys from passwords or shared secrets. Argon2, bcrypt, scrypt, and PBKDF2 are designed to resist brute-force attacks.

Runtime

All tools run locally in the browser using WebAssembly and JavaScript hash libraries.

PBK

PBKDF2

Derive secure keys with PBKDF2 online - the standard password-based key derivation defined in PKCS #5 and updated by RFC 8018. Generate strong encryption keys with configurable iterations for WiFi WPA and password storage.
S

Scrypt

Derive keys with Scrypt online - memory-hard password-based key derivation resisting GPU and ASIC attacks. Litecoin and Dogecoin mining algorithm, predecessor to Argon2 for password storage.
A2

Argon2d

Calculate Argon2d hashes online - the data-dependent memory-hard variant maximizing GPU and ASIC resistance. For cryptocurrency proof-of-work and non-interactive hashing applications.
A2

Argon2i

Hash passwords with Argon2i online - the side-channel resistant memory-hard variant for password storage. Data-independent memory access for secure cloud and shared environment deployments.
A2

Argon2id

Hash passwords with Argon2id online - modern memory-hard password hashing and winner of the Password Hashing Competition. Designed to raise GPU and ASIC attack costs for password storage.
BCR

bcrypt

Hash passwords securely with bcrypt online - a widely deployed adaptive password hashing function since 1999. Compatible with PHP password_hash and configurable cost factors for long-term password storage.
HKD

HKDF

Derive cryptographic keys with HKDF online - HMAC-based extract-and-expand key derivation (RFC 5869). Used in TLS 1.3, Signal Protocol, and IPsec for secure session key generation.

KDFs FAQ

Which password hashing tool should I choose?

Argon2id is the modern default for new password storage. bcrypt and scrypt remain useful when compatibility or existing infrastructure requires them.

Can I use SHA-256 for passwords?

Do not use a plain SHA-256 hash for password storage. Use a dedicated KDF or password hashing algorithm with a unique salt and tuned cost settings.