bcrypt Password Hashing Guide
Hash passwords with bcrypt — cost factor selection, salt, and verification with real-world examples.
Tags: bcrypt password hashing, bcrypt online tool, bcrypt cost factor
bcrypt has been the industry standard for password hashing since 1999. Its adaptive cost factor makes it resilient to faster hardware, and its automatic salting eliminates rainbow table attacks. This guide covers the algorithm, parameter selection, implementation examples, and the practical considerations for production deployments.

---

How bcrypt Works

bcrypt is built around the Blowfish cipher's expensive key setup phase. The core insight is that initializing Blowfish keys is deliberately slow — and bcrypt exploits this.

The algorithm:

1. Generates a random 128-bit salt
2. Expands the password and salt using a function called
3. Runs the Blowfish key schedule 2^cost times
4. Encrypts the 192-bit string 64 times

The output is a 60-character string like:

The prefix…
Frequently Asked Questions
What is bcrypt?
bcrypt is a password hashing function designed by Niels Provos and David Mazières, first published in 1999. It is based on the Blowfish cipher and incorporates a cost factor that controls how computationally expensive each hash is. This adaptability means bcrypt can be kept secure as hardware speeds increase.
How does bcrypt work?
bcrypt runs the Blowfish key schedule a number of times determined by the cost factor — specifically 2^cost key schedule executions. Each increment of the cost factor doubles the compute required per hash. bcrypt also automatically generates a 128-bit random salt (22 characters in bcrypt's base64 encoding) per hash, which prevents rainbow table attacks.
What bcrypt cost factor should I use?
OWASP recommends a minimum cost factor of 10 for most applications and 12 for high-value accounts (banking, healthcare). Cost factor 12 produces a hash in roughly 250ms on a modern server, which is acceptable for login. Benchmark your specific hardware and choose the highest factor that keeps latency under 1 second.
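Added example (not code from the original guide): a small Python parser for the 60-character bcrypt string described above, a policy check that flags stored hashes produced below the current minimum cost, and a cost-selection helper that applies the benchmarking rule from the answer above (highest cost that stays under the latency budget, never below the OWASP floor). The sample hash is constructed for the demo and is not the hash of any password; modelled_latency_ms is an assumed stand-in for timing a real library call.

```python
import re

# Constructed sample for illustration only: the salt and digest fields use
# valid bcrypt-base64 characters but are NOT the real hash of any password.
SAMPLE_HASH = "$2b$12$abcdefghijklmnopqrstuvABCDEFGHIJKLMNOPQRSTUVWXYZabcde"

# Modular-crypt layout: $<version>$<cost>$<22-char salt><31-char digest>
_BCRYPT_RE = re.compile(
    r"^\$(2[abxy]?)\$(\d{2})\$([./A-Za-z0-9]{22})([./A-Za-z0-9]{31})$"
)


def parse_bcrypt_hash(encoded: str) -> dict:
    """Split a bcrypt string into its fields and derive the work factor.

    Raises ValueError when the string is not well-formed, so a corrupted or
    foreign record (e.g. an MD5-crypt "$1$..." string) is never silently
    treated as a bcrypt hash.
    """
    m = _BCRYPT_RE.match(encoded)
    if not m:
        raise ValueError("not a bcrypt hash")
    version, cost_str, salt, digest = m.groups()
    cost = int(cost_str)
    if not 4 <= cost <= 31:
        raise ValueError(f"cost {cost} outside bcrypt's 4..31 range")
    return {
        "version": version,
        "cost": cost,
        "iterations": 2 ** cost,  # key-schedule executions the cost encodes
        "salt": salt,
        "digest": digest,
    }


def is_bcrypt_hash(encoded: str) -> bool:
    """Boolean wrapper around parse_bcrypt_hash for input validation."""
    try:
        parse_bcrypt_hash(encoded)
        return True
    except ValueError:
        return False


def needs_rehash(encoded: str, min_cost: int) -> bool:
    """True when a stored hash was produced below the current cost policy.

    Typical use: after a successful login, re-hash the plaintext you were
    just given at the current cost and replace the stored value, so the
    database migrates to the stronger setting without a password reset.
    """
    return parse_bcrypt_hash(encoded)["cost"] < min_cost


def choose_cost(measure_ms, target_ms: float = 1000.0,
                min_cost: int = 10, max_cost: int = 31) -> int:
    """Pick the highest cost whose measured latency stays under target_ms.

    measure_ms(cost) must time one real hash at that cost on the target
    hardware (e.g. a library hashpw call wrapped in time.perf_counter).
    Because each cost increment doubles the work, the search walks upward
    from min_cost and stops at the first cost that breaks the budget. The
    floor is never lowered: if even min_cost is too slow, min_cost is
    returned and the caller should treat that as a hardware problem rather
    than a reason to drop below the recommended minimum.
    """
    best = min_cost
    for cost in range(min_cost, max_cost + 1):
        if measure_ms(cost) >= target_ms:
            break
        best = cost
    return best


def modelled_latency_ms(cost: int, ms_at_cost_10: float = 60.0) -> float:
    """Assumed stand-in for a real benchmark: latency doubles per cost step.

    Constructed model for the demo (cost 12 lands near the 250 ms figure
    quoted above); on real hardware replace it with a timed library call.
    """
    return ms_at_cost_10 * 2 ** (cost - 10)


if __name__ == "__main__":
    fields = parse_bcrypt_hash(SAMPLE_HASH)
    print(f"version={fields['version']} cost={fields['cost']} "
          f"iterations={fields['iterations']} salt={fields['salt']}")
    print("needs rehash at min cost 13:", needs_rehash(SAMPLE_HASH, 13))
    print("chosen cost under a 1 s budget:", choose_cost(modelled_latency_ms))
```

The regex enforces the full layout (version tag, two-digit cost, 22-character salt, 31-character digest), so a value that merely starts with "$2" but has been truncated in storage is rejected rather than parsed into nonsense.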
How do I verify a bcrypt hash?
bcrypt verification re-runs the hash algorithm with the stored salt and parameters, then compares the result against the stored hash using a constant-time comparison. All bcrypt libraries provide a compare/verify function. Never manually extract and compare hash strings — this is error-prone and may introduce timing vulnerabilities.
Is bcrypt still secure in 2026?
Yes, bcrypt at cost factor 12 or higher remains secure for the vast majority of applications. Its main limitations are a 72-byte password input truncation and lower GPU-attack resistance compared to Argon2id. For new systems, Argon2id is preferred, but bcrypt is not broken and migration is not urgent.
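Added example (not code from the original guide) for the 72-byte limitation mentioned above: helpers that compute the bytes bcrypt will actually key on, flag passwords that would be silently cut short, and show when two different passwords collapse to the same bcrypt input. The limit is in UTF-8 bytes, not characters, which is the part that surprises people. The sample passwords are constructed; the library calls in the trailing comment assume the pyca/bcrypt package.

```python
BCRYPT_MAX_BYTES = 72  # bcrypt reads at most 72 bytes of the password


def bcrypt_input(password: str) -> bytes:
    """Return the bytes bcrypt will actually key on for this password.

    bcrypt does not reject a longer password; it silently ignores
    everything past 72 bytes. Non-ASCII passwords reach the limit sooner
    than their character count suggests because of multi-byte UTF-8.
    """
    return password.encode("utf-8")[:BCRYPT_MAX_BYTES]


def exceeds_bcrypt_limit(password: str) -> bool:
    """True when part of the password would be ignored by bcrypt.

    Useful at signup time so a policy can warn or reject instead of letting
    the user believe their whole passphrase protects the account.
    """
    return len(password.encode("utf-8")) > BCRYPT_MAX_BYTES


def truncation_collides(a: str, b: str) -> bool:
    """True when two different passwords verify against the same bcrypt
    hash because they agree on their first 72 bytes."""
    return a != b and bcrypt_input(a) == bcrypt_input(b)


if __name__ == "__main__":
    # Constructed examples.
    ascii_long = "x" * 80             # 80 chars, 80 bytes: truncated
    accented = "é" * 40               # 40 chars but 80 bytes: also truncated
    twin = "x" * 75 + "DIFFERENT"     # differs from ascii_long only after byte 72
    print("ascii_long truncated:", exceeds_bcrypt_limit(ascii_long))
    print("accented truncated:", exceeds_bcrypt_limit(accented))
    print("ascii_long and twin collide:", truncation_collides(ascii_long, twin))
    # With the real library (pyca/bcrypt) the comparison is done for you;
    # never extract and compare hash strings yourself:
    #   import bcrypt
    #   stored = bcrypt.hashpw(pw.encode("utf-8"), bcrypt.gensalt(rounds=12))
    #   ok = bcrypt.checkpw(candidate.encode("utf-8"), stored)
```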