Bcrypt 哈希
生成和验证 bcrypt 密码哈希
🔒 100% client-side — your data never leaves this pageAbout this tool
生成可配置 cost factor(4-14)的 bcrypt 密码哈希,或验证明文密码是否与已有哈希匹配。哈希结果拆解显示算法前缀、cost factor、盐值和哈希三个部分,使用 Web Crypto API 在浏览器中安全运行。
Frequently Asked Questions
What is bcrypt?
Bcrypt is a password hashing function designed to be slow and expensive to compute. This makes brute-force and rainbow table attacks impractical. It is the recommended algorithm for storing user passwords.
What cost factor should I use?
A cost factor of 10-12 is recommended for most applications. Higher values are more secure but take longer to compute. Cost 10 typically takes 100-300ms, which is slow enough for attackers but fast enough for users.
Can I use this hash in my application?
The hash format is compatible with standard bcrypt implementations in Node.js (bcryptjs), Python (bcrypt), PHP (password_hash), and most other languages.
Is the computation done in my browser?
Yes. All hashing uses the Web Crypto API (PBKDF2) and runs entirely client-side. Your passwords are never transmitted.