Bcrypt Password Generator

Generate secure bcrypt password hashes with customizable cost factor

Generate Bcrypt Hash

Enter the plain text password you want to hash

10

Higher cost = more secure but slower. Default: 10. Recommended: 10-12 for production.

How to Use

  1. Enter your desired password in the input field
  2. Select the cost factor (higher = more secure but slower)
  3. Click "Generate Bcrypt Hash" to create the hash
  4. Copy the generated hash using the "Copy Hash" button
  5. Use the hash in your database or application
  6. Optionally verify the password matches the hash

About Bcrypt

What is Bcrypt?

Bcrypt is a password hashing function designed by Niels Provos and David Mazières, based on the Blowfish cipher. It is widely used for secure password storage in modern applications.

Key Features

  • Adaptive: Cost factor can be increased as hardware improves
  • Salt Built-in: Automatically generates and includes salt
  • Slow by Design: Computationally expensive to prevent brute-force attacks
  • Industry Standard: Recommended by OWASP and security experts

Cost Factor Guide

  • 4-8: Fast, suitable for testing (NOT for production)
  • 10: Default, good balance for most applications
  • 12: Recommended for high-security applications
  • 14+: Very secure but noticeably slower

PHP Usage Example

// Hash a password
$password = "mySecurePassword123";
$hash = password_hash($password, PASSWORD_BCRYPT, ['cost' => 12]);
// Result: $2y$12$randomsalt...hashedpassword

// Store $hash in database
$stmt = $conn->prepare("UPDATE users SET password = ? WHERE id = ?");
$stmt->bind_param("si", $hash, $user_id);
$stmt->execute();

// Verify password during login
$input_password = $_POST['password'];
$stored_hash = $user['password']; // from database

if (password_verify($input_password, $stored_hash)) {
    // Password is correct
    echo "Login successful!";
} else {
    // Password is incorrect
    echo "Invalid password!";
}