Password Hash Generator — Bcrypt · Strength Meter · Verify Online

Adjustable cost factor · Password strength meter · Benchmark · Verify mode · Code snippets · 100% browser-side

Generate bcrypt password hashes for database storage. The tool lets you set the cost factor, analyses password strength (entropy bits and an estimated crack time), and has a verify mode for checking a password against an existing hash. Never store plaintext passwords; store only the bcrypt hash.

What is Bcrypt?

Bcrypt is a password hashing algorithm designed by Niels Provos and David Mazières in 1999 and built on the expensive key schedule of the Blowfish block cipher. Unlike general-purpose hash functions such as MD5 or SHA-256, bcrypt is deliberately slow: a configurable cost factor sets how much work each hash takes, and that work is paid again for every guess an attacker makes. It does not make a weak password safe, but it turns an offline attack on a stolen hash table from billions of guesses per second into thousands, which is what keeps brute-force and dictionary attacks expensive even on modern GPU hardware.

Choosing the Right Cost Factor

The cost factor (work factor) controls how slow bcrypt is: the key-setup loop runs 2^cost times, so cost 12 means 2^12 = 4,096 iterations, and each increment doubles the time. Valid costs run from 4 to 31. A common target is 100–300 ms per hash on your production server; OWASP's Password Storage Cheat Sheet currently recommends a work factor of at least 10. Cost 12 is typically right for current server hardware, but measure rather than guess. Note that this tool's benchmark runs in your browser and therefore measures your own machine, not your server: repeat the measurement on the host that will actually do the hashing, and revisit it as hardware gets faster, rehashing a user's password at their next successful login when the stored cost falls below your policy.

Frequently Asked Questions

Why should I hash passwords instead of encrypting them?

Hashing is one-way: there is no key that turns the hash back into the password, so the server never needs to recover it, only to recompute the hash and compare. Encryption is two-way by design: the server must hold the key to verify logins, and whoever steals that key along with the database decrypts every password at once. With bcrypt hashes, a stolen table gives the attacker nothing directly; they must guess each password one slow hash at a time, and strong passwords stay out of reach.

Why not use MD5 or SHA-256 for passwords?

MD5 and SHA-256 are designed to be fast. A single GPU computes billions of them per second, so an attacker with a stolen table can try an entire dictionary against every user in seconds, and if no per-user salt was used, precomputed tables work as well. Bcrypt is designed to be slow, configurably so, and its 4 KiB Blowfish state makes it a poor fit for GPUs. Per guess, even a cost-10 bcrypt hash is on the order of millions of times more expensive than an MD5 hash on the same hardware.

What database column type should I use for bcrypt hashes?

Use at least VARCHAR(60) or CHAR(60): every standard bcrypt string ($2a$, $2b$ or $2y$ prefix) is exactly 60 characters, so a shorter column silently truncates it (or rejects the insert, depending on the database's strict mode) and every verification then fails. A wider column such as VARCHAR(255) costs nothing and leaves room to move to a higher cost or to Argon2id later without a schema change. Store the string exactly as the library returns it; the prefix, cost and salt are part of it, and the library reads them back to verify.
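As a worked example of the cost-factor policy above and of the fixed 60-character format, here is a small Python helper that parses a stored bcrypt string, flags hashes whose cost has fallen below the current policy so they can be rehashed at the next successful login, and picks a cost from a single benchmark measurement using the doubling rule. It is added here and is not code from this tool. It needs no bcrypt library because it only inspects the stored string; the sample hashes are constructed strings in the right format, not hashes of any real password.

```python
import re
from dataclasses import dataclass

# Every mainstream bcrypt library emits the modular-crypt form
#   $<version>$<cost>$<22-char salt><31-char digest>  = 60 characters
# with version 2a, 2b or 2y, a two-digit cost, and bcrypt's own base64
# alphabet (./A-Za-z0-9) for the salt and digest.
BCRYPT_RE = re.compile(
    r"^\$(?P<version>2[aby])\$(?P<cost>\d{2})\$"
    r"(?P<salt>[./A-Za-z0-9]{22})(?P<digest>[./A-Za-z0-9]{31})$"
)

# Constructed sample strings in the right format; NOT hashes of any real password.
SAMPLE_HASH = "$2b$12$R9h/cIPz0gi.URNNX3kh2OPST9/PgBkqquzi.Ss7KIUgO2t0jWMUW"
LEGACY_HASH = "$2a$10$R9h/cIPz0gi.URNNX3kh2OPST9/PgBkqquzi.Ss7KIUgO2t0jWMUW"


@dataclass(frozen=True)
class BcryptHash:
    version: str
    cost: int
    salt: str
    digest: str


def parse_bcrypt(stored: str) -> BcryptHash:
    """Parse a stored bcrypt string; anything that is not the full 60-char form is rejected."""
    m = BCRYPT_RE.fullmatch(stored)
    if m is None:
        raise ValueError(f"not a well-formed bcrypt hash (length {len(stored)}, expected 60)")
    cost = int(m["cost"])
    if not 4 <= cost <= 31:
        raise ValueError(f"cost {cost} is outside bcrypt's 4..31 range")
    return BcryptHash(m["version"], cost, m["salt"], m["digest"])


def is_valid_bcrypt(stored: str) -> bool:
    """Cheap sanity check, e.g. before writing to the database or after reading the column."""
    try:
        parse_bcrypt(stored)
        return True
    except ValueError:
        return False


def needs_rehash(stored: str, policy_cost: int) -> bool:
    """True when the stored hash is weaker than policy: rehash with the new cost on the
    next successful login, when the plaintext is briefly available."""
    return parse_bcrypt(stored).cost < policy_cost


def estimated_ms(measured_cost: int, measured_ms: float, cost: int) -> float:
    """Each cost increment doubles the work, so one measurement predicts every other cost."""
    return measured_ms * 2 ** (cost - measured_cost)


def pick_cost(measured_cost: int, measured_ms: float,
              target_max_ms: float = 300.0, min_cost: int = 10) -> int:
    """Highest cost whose estimated time stays within target_max_ms, never below min_cost.
    Take the measurement on the production server, not in a browser."""
    best = min_cost
    for cost in range(min_cost, 32):
        if estimated_ms(measured_cost, measured_ms, cost) <= target_max_ms:
            best = cost
    return best


if __name__ == "__main__":
    print(parse_bcrypt(SAMPLE_HASH))
    print("legacy hash needs rehash:", needs_rehash(LEGACY_HASH, 12))
    # Cost 10 measured at 60 ms on the server: cost 12 (about 240 ms) still fits under 300 ms.
    print("recommended cost:", pick_cost(10, 60.0))
```

`pick_cost()` never returns less than `min_cost` even if the server is slow enough that the floor overshoots the target; that is deliberate, since a cost below 10 is a policy problem to fix with hardware, not by weakening the hash.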

Should I salt passwords before bcrypt?

No. Bcrypt generates a cryptographically random 128-bit salt for every hash and embeds it in the output string (the 22 characters after the cost), so two users with the same password get different hashes and the library reads the salt back at verification time. Adding your own salt on top gains nothing and only eats into the 72-byte input limit. What people sometimes mean here is a pepper: a secret kept outside the database and applied to the password (for example as an HMAC) before bcrypt. That can be worthwhile, but it is a separate measure and must stay fixed for the lifetime of the stored hashes.

What is the maximum password length for bcrypt?

Bcrypt only looks at the first 72 bytes of the password: bytes of the UTF-8 encoding, not characters, so 18 four-byte emoji already fill the limit. Most implementations silently truncate anything beyond that; some newer libraries reject longer input instead, so check yours. For passwords that may exceed 72 bytes, pre-hash with SHA-256 and pass the hex digest (64 ASCII characters) to bcrypt. Use the hex or base64 form rather than the raw 32-byte digest: raw output can contain a 0x00 byte, and bcrypt implementations that treat the password as a C string stop there. Apply the same pre-hash on both the registration and login paths, and never change it once hashes are stored. Alternatively use Argon2id, which has no practical length limit.
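An added example (not code from this tool) showing the 72-byte limit and the hex pre-hash with Python's standard library: two long passphrases that differ only after byte 72 give a truncating bcrypt the same input, multibyte characters reach the limit sooner than their character count suggests, and a search for a password whose raw SHA-256 digest contains a NUL byte shows why the hex form is the safe thing to pass on. The `prehash()` result is what you would feed to the bcrypt library's hash and verify calls; the bcrypt call itself is left out so the block runs offline. The sample passphrases and the pepper value are constructed, and `prehash_peppered()` is the keyed variant mentioned in the salt answer above, not something the tool itself does.

```python
import hashlib
import hmac

BCRYPT_MAX_BYTES = 72

# Constructed sample inputs (not real credentials). The two long passphrases are
# 88 bytes each and differ only in their final character, i.e. beyond byte 72.
LONG_A = "correct horse battery staple " * 3 + "A"
LONG_B = "correct horse battery staple " * 3 + "B"
CYRILLIC_40 = "\u0436" * 40        # 40 characters, but 80 bytes in UTF-8


def bcrypt_input_bytes(password: str) -> bytes:
    """What a truncating bcrypt implementation actually hashes: UTF-8 bytes, cut at 72."""
    return password.encode("utf-8")[:BCRYPT_MAX_BYTES]


def is_truncated(password: str) -> bool:
    """True if bcrypt would ignore (or, in stricter libraries, reject) part of this password."""
    return len(password.encode("utf-8")) > BCRYPT_MAX_BYTES


def prehash(password: str) -> bytes:
    """SHA-256 hex pre-hash: 64 ASCII bytes, no NUL, always under the 72-byte limit.
    Pass the returned bytes to the bcrypt library's hash *and* verify calls."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest().encode("ascii")


def prehash_peppered(password: str, pepper: bytes) -> bytes:
    """Keyed variant: HMAC-SHA-256 under a server-side secret (pepper) kept out of the
    database. Same 64-byte hex shape; the pepper must stay fixed for existing hashes."""
    return hmac.new(pepper, password.encode("utf-8"), hashlib.sha256).hexdigest().encode("ascii")


def raw_digest_has_nul(password: str) -> bool:
    """Why hex and not the raw 32-byte digest: raw output can contain 0x00, and bcrypt
    implementations that treat the password as a C string stop at the first NUL."""
    return b"\x00" in hashlib.sha256(password.encode("utf-8")).digest()


def find_nul_digest(prefix: str, limit: int = 10_000) -> str:
    """Find a password whose raw SHA-256 digest contains a NUL byte. Roughly 12% of
    digests do, so this returns within a few dozen candidates."""
    for i in range(limit):
        candidate = f"{prefix}{i}"
        if raw_digest_has_nul(candidate):
            return candidate
    raise RuntimeError("no NUL-containing digest found")  # practically unreachable


if __name__ == "__main__":
    print("same bcrypt input without pre-hash:", bcrypt_input_bytes(LONG_A) == bcrypt_input_bytes(LONG_B))
    print("same input after pre-hash:", prehash(LONG_A) == prehash(LONG_B))
    print("40 Cyrillic characters exceed 72 bytes:", is_truncated(CYRILLIC_40))
    pw = find_nul_digest("probe-")
    hex_has_nul = b"\x00" in prehash(pw)
    print(f"{pw!r}: raw digest has NUL={raw_digest_has_nul(pw)}, hex pre-hash has NUL={hex_has_nul}")
```

Whichever pre-hash you adopt, wire it into one function used by both the registration and login code paths; a mismatch between the two silently locks out every user whose password crosses the limit.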