Bcrypt Hash Generator

Hash passwords with bcrypt and verify bcrypt hashes

About bcrypt in the browser

bcrypt is a computationally expensive password hashing algorithm designed to resist brute-force attacks. Running it in the browser would expose your password to potential XSS attacks and would be very slow at high cost factors. For production use, run bcrypt server-side (Node.js: bcrypt or bcryptjs).

bcrypt Hash Format Explorer

Cost Factor (rounds)

2^10 = 1,024 iterations

Password (for display only)

Generated Salt (example)

$2b$10$1PKOpFs/o/xEriwTXX10k0

What the output looks like

$2b$10$1PKOpFs/o/xEriwTXX10k0<31-char checksum>

Hash Format Breakdown

$2b$10$N9qo8uLOickgx2ZMRZoMyeIjZAgcfl7p92ldGxad68LJZdL17lhWy

$2b$

Prefix

Algorithm version (2b = latest bcrypt)

$10$

Cost Factor

2^10 = 1,024 iterations

N9qo8uLOickgx2ZMRZoMye

Salt

22 chars of base-64 encoded salt (128-bit)

IjZAgcfl7p92ldGxad68LJZdL17lhWy

Hash

31 chars of base-64 encoded hash (184-bit)

Server-side code example (Node.js)

const bcrypt = require('bcryptjs');
const hash = await bcrypt.hash(password, 10);
const match = await bcrypt.compare(password, hash);

How to Use This Tool

Enter your text

Type or paste the string or data you want to hash into the input field.

Choose algorithm

Select the hashing algorithm you need (MD5, SHA-1, SHA-256, etc.) from the options provided.

Copy the hash

The hash is computed instantly in your browser. Click Copy to grab it for use in your application or verification workflow.

Compare hashes

Use the comparison feature (if available) to verify that two inputs produce the same hash.

About This Tool

Bcrypt Hash Generator is a free, instant, browser-based tool that hash passwords with bcrypt and verify bcrypt hashes. Cryptographic hash functions take an input of any size and produce a fixed-length output (the hash or digest) that is unique to that input. Even a tiny change to the input — a single character — produces a completely different hash. This property makes hashing essential for data integrity verification, password storage, digital signatures, and checksums.

This tool computes hashes entirely in your browser using the Web Crypto API and other standard browser APIs. Your data never leaves your computer.

Common use cases include verifying the integrity of downloaded files by comparing their SHA-256 hash against a published checksum, securely storing passwords by hashing them before writing to a database, generating HMAC signatures for API authentication, creating unique identifiers from content (content-addressable storage), and detecting duplicate files or database records.

Note that MD5 and SHA-1 are considered cryptographically broken and should not be used for security-sensitive applications. For password hashing, use bcrypt, scrypt, or Argon2 rather than raw SHA hashes, as these are specifically designed to be slow and resistant to brute-force attacks. For general-purpose integrity checking, SHA-256 or SHA-3 are the current standards.

Related Tools

MD5 Hash Generator

Generate MD5 hash of any text or string

SHA-1 Hash Generator

Generate SHA-1 hash of any text or string

SHA-256 Hash Generator

Generate SHA-256 hash of any text or string

SHA-512 Hash Generator

Generate SHA-512 hash of any text or string

HMAC Generator

Generate HMAC signatures with SHA-256, SHA-512, and MD5

Hash Identifier

Identify the type of a given hash string