PBKDF2 Key Derivation — Free Online Tool
Generate a PBKDF2-derived key from a password and salt using the browser's native SubtleCrypto API. Configure iterations (1–1,000,000), key length (128/256/512 bits), hash (SHA-256/SHA-512), and output format (hex/base64). Used in AES-based encryption schemes and cryptographic protocol implementations.
100% client-side. No uploads. Your data never leaves your browser.
How to use PBKDF2 Key Derivation
- Enter the password and salt.
- Configure iterations, key length, and hash algorithm.
- Click 'Derive Key' to compute the PBKDF2 output.
- Copy the derived key hex or base64 value.
Frequently Asked Questions
What is PBKDF2?
PBKDF2 (Password-Based Key Derivation Function 2) applies a hash function many times to a password+salt to produce a cryptographic key. More iterations = harder to brute-force.
How many iterations should I use?
OWASP recommends 600,000 iterations for PBKDF2-SHA256 (2023). For SHA-512, 210,000. Use at least 100,000 for any security-sensitive application.
What is the salt for?
The salt ensures that two identical passwords produce different derived keys. Use a random 16+ byte salt from crypto.getRandomValues() in production.
Related tools
Related reading
Browse all free tools · theproductguy.in