Bcrypt Hash Generator

Generate bcrypt-style password hashes with configurable cost factors. Ideal for understanding bcrypt output format and testing password workflows.

Note: True bcrypt uses the Blowfish cipher and requires a server-side implementation. This tool generates a SHA-256 based simulation formatted in bcrypt's $2a$ output style for demonstration and learning purposes. For production use, use a server-side bcrypt library (e.g., password_hash() in PHP, bcrypt in Node.js).

Password

Cost Factor (Rounds = 2^cost)

Bcrypt Hash Output

Cost: - Salt: - Length: - chars

Verify Password Against Hash

About Bcrypt

Bcrypt is a password hashing function based on the Blowfish cipher. It was designed in 1999 by Niels Provos and David Mazieres. Its key advantage is the configurable cost factor, which makes it resistant to brute-force attacks as hardware gets faster.

Bcrypt Hash Format

A bcrypt hash looks like: $2a$10$N9qo8uLOickgx2ZMRZoMyeIjZAgcfl7p92ldGxad68LJZdL17lhWy

$2a$ — Algorithm identifier (bcrypt)
10$ — Cost factor (2^10 = 1,024 rounds)
Next 22 characters — Base64-encoded salt
Remaining 31 characters — Base64-encoded hash

Cost Factor Guidelines

10 — Minimum recommended (default in most libraries)
12 — Good balance of security and performance
14+ — High security but slower (suitable for low-traffic systems)
Each increment doubles the computation time

Related Tools

Password Generator — generate strong passwords to hash
Hash Generator — SHA-256, SHA-512, MD5 hashes
Password Strength Checker — test password strength
HMAC Generator — keyed hash authentication
Text Encryption — encrypt and decrypt text