KDFs hash-wasm kdf

bcrypt Generator - Adaptive Password Hashing

Generate bcrypt hashes - the time-tested adaptive password hashing based on Blowfish cipher.

bcrypt.workspace
2 options
0 bytes UTF-8, Hex, or Base64 input

Secure client-side computation. No data leaves your browser. Privacy Security

Result Output

What Is bcrypt?

bcrypt is a password hashing function based on the Blowfish cipher, using a salt and adaptive cost factor to resist brute-force attacks. It has been widely used for password hashing since 1999.

Specifications

Output Size N/A
Standard USENIX bcrypt paper
Standard Year 1999

Use Cases

  • Unix/Linux system password storage
  • Web application password hashing
  • PHP password_hash() default
  • Legacy system password upgrades
  • Systems requiring proven track record
!

Security Notice

bcrypt is limited to 72-byte passwords and truncates null bytes. For new systems, Argon2id is recommended.

Related Tools

Argon2id KDFs Scrypt KDFs PBKDF2 KDFs

Utilities

File Hash Verifier Verify local files against published checksums. Hash Compare Compare expected and actual digest values. Multi Hash Generator Generate common hashes from one input.

Guides

Algorithm Comparison Guide Choose the right primitive for each task. Hash Test Vectors Compare known outputs across common algorithms.

Implementation Notes

Practical usage details for this browser-based bcrypt tool.

How to Generate a bcrypt derived value

  1. Choose UTF-8, Hex, Base64 input mode.
  2. Enter the text or encoded bytes you want to process.
  3. Adjust the bcrypt options if your use case requires non-default settings.
  4. Click Generate bcrypt Derived Value and copy the result.

Example Input

Sample input:

abc

Use this sample input, then copy the generated derived value from the result panel.

When Not to Use bcrypt

  • Do not use it when you need general-purpose key derivation; choose a KDF such as HKDF, PBKDF2, scrypt, or Argon2 instead.
  • Do not use it when your workflow requires very fast computation.

Recommended Alternatives

Review related tools when you need a different output size, security margin, or keyed construction.

bcrypt Test Vectors

Input: password + fixed 16-byte salt

bcrypt output is encoded with salt, cost, and version, so exact output depends on those parameters.

Command Line Alternatives

python -c "import bcrypt; print(bcrypt.hashpw(b'password', bcrypt.gensalt(rounds=12)))"

Security Guidance

bcrypt remains widely deployed, but it truncates inputs at 72 bytes. Prefer Argon2id for new systems when available.

Contextual Links

Generate a bcrypt test hashCompare with Argon2idCompare with scrypt Privacy Security

Frequently Asked Questions