Generate bcrypt password hashes for secure password storage. Create salted bcrypt hashes with adjustable work factors for authentication systems and user databases.
Bcrypt is a password hashing function designed specifically for secure password storage. It incorporates a salt to protect against rainbow table attacks and a cost factor that makes brute force attacks progressively more expensive as computing power increases. Bcrypt is the recommended password hashing algorithm by OWASP and security experts.
bcrypt(password, cost) = $2b$cost$salt+hashA bcrypt hash contains: the algorithm identifier ($2b$), the cost factor (number of key expansion rounds, typically 10-12), a 22-character salt, and a 31-character hash. The cost factor is exponential — cost 12 means 2^12 = 4096 rounds. Higher cost means more secure but slower hashing.
| Input | Output |
|---|---|
| mypassword123 (cost: 10) | $2b$10$N9qo8uLOickgx2ZMRZoMy.MrqJ3Y0R6tVJfH8mQ3VbK5cLtP6X2Wy |
| mypassword123 (cost: 12) | $2b$12$WApznUPhDubN0oeveSXHp.YEfCOL5mQJmZJhVqFfUx3wKgN0A4Kie |
| admin (cost: 10) | $2b$10$kQ7Z8X6bN3mP2rT9vL4yYOeJfDgH5iKa8bN2mQ6sU1wX3cY9vL5dG |