Converter Web ToolsConverter WebTools

Bcrypt Generator & Checker

Create a Bcrypt in your browser, free and instantly.

Generate a bcrypt hash

Cost

Verify a password against a hash

Bcrypt is a slow, salted password hash designed to resist brute force. A higher cost is more secure but slower. Hashing runs in your browser; nothing is uploaded.

About bcrypt

Bcrypt is a password-hashing function designed to be deliberately slow and salted, which makes stored passwords very hard to crack even if a database leaks. This tool hashes a password with a chosen cost (work factor) and can also verify a password against an existing bcrypt hash. Everything runs in your browser, so passwords are never sent anywhere.

How Bcrypt works

How to use it

  1. Enter a password and pick a cost (10 is a good default).
  2. Click Hash to generate the salted bcrypt hash.
  3. To verify, paste a hash and a password and click Check.

What the cost means

The cost (or rounds) sets how much work the hash takes — each step up roughly doubles the time. Higher is more secure but slower; 10–12 suits most web apps.

Salting and verifying

Bcrypt builds a random salt into every hash, so the same password produces a different hash each time. Verification re-hashes the password with the stored salt and compares — which is why two different hashes can both be correct.

Common uses

  • Hash a password for storage
  • Verify a password against a bcrypt hash
  • Generate test hashes for development
  • Choose a safe work factor
  • Check a login implementation
  • Create seed users for a database
  • Learn how bcrypt works
  • Compare password hashing options

Frequently asked questions

How do I generate a bcrypt hash?
Enter a password, choose a cost, and click Hash — the salted bcrypt hash appears to copy.
What cost should I use?
10–12 is a good balance for web apps; higher is more secure but slower.
Why does the same password give different hashes?
Bcrypt includes a random salt, so each hash differs — verification still works.
How do I verify a password?
Paste the password and the hash and click Check; it tells you if they match.
Are my passwords uploaded?
No — hashing and checking happen entirely in your browser.
Is bcrypt still secure?
Yes — with a sufficient cost it remains a recommended password hash.
What is the 2a/2b/2y prefix?
Bcrypt version identifiers; they are compatible for verification.
Is it free?
Yes — completely free with no sign-up.