Bcrypt Generator
Generate bcrypt password hashes with adjustable cost factor (salt rounds).
Bcrypt is the industry standard for password hashing. It incorporates a salt and an adjustable cost factor to resist brute-force and rainbow table attacks.
What is Bcrypt?
Bcrypt is a password hashing function designed by Niels Provos and David Mazières in 1999, based on the Blowfish cipher. It is the most widely used password hashing algorithm and is the default for many frameworks including Laravel, Ruby on Rails, Django, and Node.js.
Bcrypt was designed to be computationally expensive and adaptively slow. The cost factor (also called salt rounds) controls how many iterations of the key derivation function are performed. Each increment of the cost factor doubles the time required to compute a single hash — making it progressively harder for attackers to brute-force passwords even as hardware improves.
Bcrypt Hash Format
A bcrypt hash has this structure:
$2y$10$N9qo8uLOickgx2ZMRZoMyeIjZAgcfl7p92ldGxad68LJZdL17lhWy
- $2y$ — Algorithm prefix (2a, 2b, or 2y for different implementations)
- 10$ — Cost factor (2^10 = 1024 iterations)
- First 22 characters — Base64-encoded salt (128 bits)
- Remaining 31 characters — Base64-encoded hash (184 bits)
The total hash is always 60 characters long.
Why Use Bcrypt for Passwords?
- Automatic salting — Bcrypt generates a cryptographically random salt automatically for each hash. You don't need to manage salts manually.
- Adaptive cost — As hardware gets faster, you can increase the cost factor to maintain security. A hash created today will still be verifiable tomorrow with a higher cost.
- Resistance to GPU/ASIC attacks — Bcrypt is memory-hard and requires significant RAM, making parallel computation on GPUs and custom hardware much less effective compared to simple SHA-* hashing.
- Proven track record — First released in 1999, bcrypt has been extensively analyzed by cryptographers and has no known practical vulnerabilities.
- Wide support — Built into PHP, Python, Node.js, Ruby, Java, Go, Rust, and virtually every major programming language.
How to Use This Bcrypt Generator
- Enter a password — Type or paste the password you want to hash.
- Adjust the cost factor — Use the slider to set the number of salt rounds (4–31). Higher values are slower but more secure. The default is 10 (2^10 = 1,024 iterations).
- Click "Generate Bcrypt Hash" — The server computes the bcrypt hash using PHP's password_hash() function.
- Copy the hash — Use the copy button to save the hash for use in your application or database.
Choosing the Right Cost Factor
| Cost | Iterations (2^cost) | Approx. Time | Recommendation |
|---|---|---|---|
| 4 | 16 | < 1 ms | Too fast, not recommended |
| 8 | 256 | ~5 ms | Minimum acceptable |
| 10 | 1,024 | ~50 ms | Default — good balance |
| 12 | 4,096 | ~200 ms | Recommended for production |
| 14 | 16,384 | ~800 ms | High security, slower UX |
| 16+ | 65,536+ | > 3 seconds | Extreme security only |
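As an added example (not this tool's code), the Python sketch below parses the layout described under Bcrypt Hash Format and flags stored hashes whose cost falls below a policy minimum, so they can be regenerated at the user's next login. The names parse_bcrypt and below_policy and the min_cost default of 12 are assumptions chosen for illustration; the sample hash is the one shown on this page.

```python
import base64
import re
from dataclasses import dataclass

# bcrypt uses its own base64 alphabet ("./" first), not the RFC 4648 one.
BCRYPT_B64 = "./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"
STD_B64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
TO_STD = str.maketrans(BCRYPT_B64, STD_B64)

# prefix, two-digit cost, 22-char salt, 31-char digest = 60 characters total
HASH_RE = re.compile(r"\$(2[abxy])\$(\d{2})\$([./A-Za-z0-9]{22})([./A-Za-z0-9]{31})")


@dataclass
class BcryptHash:
    prefix: str
    cost: int
    salt: bytes   # 16 raw bytes (128 bits)
    digest: str   # left encoded; 31 characters

    @property
    def iterations(self) -> int:
        return 1 << self.cost


def parse_bcrypt(stored: str) -> BcryptHash:
    """Split a stored hash into its fields; raise ValueError if malformed."""
    m = HASH_RE.fullmatch(stored)
    if m is None:
        raise ValueError("not a 60-character bcrypt hash")
    prefix, cost, salt_b64, digest = m.groups()
    if not 4 <= int(cost) <= 31:
        raise ValueError(f"cost {cost} outside 4-31")
    # 22 characters carry 132 bits; the trailing 4 bits are dropped on decode.
    salt = base64.b64decode(salt_b64.translate(TO_STD) + "==")
    return BcryptHash(prefix, int(cost), salt, digest)


def below_policy(stored: str, min_cost: int = 12) -> bool:
    """True when the hash should be regenerated at the user's next login."""
    return parse_bcrypt(stored).cost < min_cost  # min_cost is an assumed policy


if __name__ == "__main__":
    sample = "$2y$10$N9qo8uLOickgx2ZMRZoMyeIjZAgcfl7p92ldGxad68LJZdL17lhWy"
    h = parse_bcrypt(sample)
    print(h.prefix, h.cost, h.iterations, h.salt.hex(), below_policy(sample))
```

Because the cost is stored inside each hash, a check like this can run over an existing credential table without knowing any password.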
Frequently Asked Questions
Is bcrypt still secure in 2026?
Yes. Bcrypt remains one of the most widely recommended password hashing algorithms. For new applications, many security experts now recommend Argon2id (the OWASP-recommended algorithm), but bcrypt is still a strong choice with excellent library support. The key is to choose an adequate cost factor — at least 10, preferably 12.
What is the difference between $2a$, $2b$, and $2y$?
These prefixes indicate different bcrypt implementations. $2a$ is the original format. $2x$ and $2y$ are PHP-specific variants that fix a bug in how PHP's crypt() function handled certain characters. Laravel and modern PHP use $2y$. All variants are interoperable for verification purposes.
Can I verify a bcrypt hash?
Yes! Use PHP's password_verify($password, $hash) function. This tool only generates hashes. For verification, use our Hash Checker tool or verify directly in your application code.
Why does bcrypt produce a different hash each time for the same password?
Bcrypt automatically generates a random salt for every hash operation. Even if you hash the same password twice, the two hashes will be completely different because they use different salts. When verifying, bcrypt extracts the salt from the stored hash and uses it to recompute the hash from the provided password.
What is the maximum password length for bcrypt?
PHP's bcrypt implementation truncates passwords at 72 characters. Any characters beyond 72 are silently ignored. For longer passwords, consider using Argon2id or pre-hashing the password with SHA-256 before passing it to bcrypt.