Bcrypt Generator & Checker

Bcrypt Generator & Checker hashes passwords with bcrypt and verifies a password against an existing hash. Enter a password and cost factor to generate a hash, or paste a hash to check it. All processing happens locally in your browser, and nothing is sent to a server.

Generate hash

Password / text

Cost factor (rounds)

Copied!

Bcrypt hash

Verify a hash

Password / text

Bcrypt hash to check against

About Bcrypt

Bcrypt is a password-hashing function with a built-in salt and an adjustable cost factor. A higher cost makes each hash slower to compute, which slows down brute-force attacks. The same password produces a different hash each time because of the random salt, yet verification still works. Hashing runs entirely in your browser.

Bcrypt is the password-hashing standard behind many web frameworks, including Laravel, Django, Rails, Spring and Node.js libraries. Developers use a generator to create test fixtures, seed database users or produce a quick hash for a config file, and the checker to confirm a stored hash matches a password.

Choose a cost factor to balance security against speed: each step up roughly doubles the time to compute a hash, which slows brute-force attacks. Bcrypt embeds a random salt in every hash, so the same password produces a different string each time, yet the verifier can still confirm a match.

Frequently Asked Questions

What is the cost factor?

It is the work factor that controls how slow hashing is. Each step roughly doubles the time to compute a hash, which makes brute-force attacks harder.

Why does the same password give a different hash each time?

Bcrypt adds a random salt to every hash, so identical passwords produce different strings. The checker can still confirm whether a password matches a hash.

Is it safe to test passwords here?

Yes. Hashing and verification run entirely in your browser using a JavaScript bcrypt library, so passwords are never sent to a server.