Bcrypt Hash Generator
Generate bcrypt hashes for passwords using a custom cost factor. Runs 100% in your browser.
100% client-side · no upload
What is bcrypt?
Bcrypt is an adaptive password-hashing function designed by Niels Provos and David Mazières in 1999. It deliberately slows down hash computation by repeating an expensive key-setup routine a configurable number of times (the cost factor, expressed as 2n iterations). This makes brute-force and dictionary attacks impractical even on modern hardware, and the cost can be increased as CPUs get faster.
How to use
- Enter the password you want to hash in the input field.
- Select a cost factor — 10 is the recommended default for production.
- Click Generate Hash and wait a moment for the computation to complete.
Common use cases
- Verifying that your backend produces the same hash format as expected.
- Testing bcrypt round-trip (hash then verify) in isolation.
- Learning how cost factor affects computation time.
Related tools: HMAC-SHA256, Hex ↔ ASCII, Base32 Encoder
Frequently Asked Questions
- Is it safe to hash passwords in the browser?
- For testing and development purposes yes — this tool runs entirely in your browser and never transmits your input anywhere. For production, always hash passwords server-side so the plaintext is never sent over the network.
- Does my data leave my device?
- No. The entire bcrypt computation happens inside your browser using the bcryptjs library. No data is sent to any server.
- Does it work on mobile?
- Yes. The tool runs in any modern mobile browser. Higher cost factors will take longer on slower devices.