Bcrypt Hash Generator
Hash passwords with bcrypt or verify a password against a hash. Everything runs in your browser — passwords are never sent to a server.
Cost factor
Controls how many rounds bcrypt runs
10Recommended ✓
Hashing time per login~12 ms
fasterslower + more secure
Industry standard — good balance of speed and security. Each +1 step doubles the time (210 rounds total).
Bcrypt Hash
Hash output will appear here
Why bcrypt uses a salt
A salt is 16 random bytes generated fresh every time you hash a password. It's embedded directly in the hash string — that's the 22-character block after the cost factor.
❌ No salt
password123 → abc123
password123 → abc123
Same input = same hash. Rainbow tables crack millions at once.
✓ With salt (bcrypt)
password123 + XkR… → q7z…
password123 + mP2… → 8Yw…
Different hash every time. Tables are useless.
bcrypt handles salting automatically — you never need to manage salts manually. The cost factor makes every attempt slow, so brute-forcing is impractical even without a salt.
How to use it
- 1Select the Generate Hash tab, enter a password, and choose a cost factor (10 is the standard for production).
- 2Click Generate Hash — the bcrypt hash appears below, ready to copy.
- 3To verify a password, switch to the Verify tab, enter the plain-text password and the stored hash, then click Verify Password.
Common use cases
- Hash a password before storing it in a database during development.
- Verify that a plain-text password matches a hash stored in production to diagnose login issues.
- Test different cost factors to balance security and performance for your server's hardware.
- Generate test bcrypt hashes for unit tests or seeding a development database.
Frequently asked questions
- Is my password sent to a server?
- No. Hashing and verification run entirely in your browser using the bcryptjs library. Your password never leaves your device.
- What cost factor should I use?
- 10 is the widely accepted default for web applications. It balances security and speed on modern hardware (roughly 100 ms per hash). Go higher (12–14) if your server can afford the extra latency; avoid anything below 10 in production.
- What is the difference between bcrypt, Argon2, and scrypt?
- All three are password-hashing algorithms designed to be slow by design. Argon2 (winner of the Password Hashing Competition) and scrypt offer stronger memory-hardness guarantees. bcrypt remains widely deployed and well-supported. For new projects, Argon2id is generally recommended where available.
- Why does the same password produce a different hash each time?
- bcrypt embeds a random 16-byte salt inside every hash. The salt is included in the stored hash string, which is why bcrypt.compare() can still verify the password later.
Related tools
Base64 Encode / Decode
Encode and decode text and files to and from Base64.
HTML Live Preview
Write HTML, CSS, and JavaScript and see the result instantly.
JSON Formatter
Format, validate, minify, diff, and explore JSON — with optional on-device AI that summarizes any payload in plain English.
JWT Decoder
Inspect the header, payload, and expiry of any JSON Web Token — with optional on-device AI that explains what the token grants in plain English.
SQL Formatter
Beautify, format, and minify SQL queries for any dialect — with optional on-device AI that explains what a query does in plain English.
Unix Timestamp Converter
Convert Unix timestamps to dates and back, in any timezone.
Hash Generator
Generate MD5, SHA-1, SHA-256, and SHA-512 hashes in your browser.
JSON to TypeScript
Generate TypeScript interfaces or type aliases from JSON.
Markdown to PDF
Convert Markdown to a beautifully styled PDF in your browser.
QR Code Generator
Make QR codes for websites, Wi-Fi passwords, contact cards, social handles, email, SMS, and more. Download as PNG or SVG — or as a ZIP with one branded QR per social platform.
Password Generator
Generate strong, secure passwords in your browser. Nothing is sent or saved to any server.
Text Diff
Compare two pieces of text and see line-by-line, word-by-word, or character-by-character what changed.
UUID / ULID Generator
Generate UUID v4, UUID v7, or ULID identifiers in bulk, instantly in your browser.
SVG to PNG / JPEG / WebP
Convert SVG to PNG, JPEG, or WebP at any size — quality slider, transparent or colored background, copy to clipboard. Free, in your browser.
URL Encoder / Decoder
Encode or decode URLs and query parameters with component-vs-full-URI scope, plus a query-string breakdown. Free, in your browser.
Regex Tester
Test JavaScript regular expressions with live highlighting and a capture-group inspector — plus an AI regex generator that turns plain-English descriptions into regex (on-device Gemini Nano).
Color Converter
Convert colors between HEX, RGB, HSL, HSV, and OKLCH, and generate tint, shade, and harmony palettes. Free, in your browser.
HTML ↔ Markdown Converter
Convert HTML to Markdown or Markdown to HTML with a live preview. GFM tables, fenced code blocks, inline formatting. Free, in your browser.
Cron Builder
Build cron expressions visually or describe the schedule in plain English and let on-device AI write it for you. Plain-English explanation, next 5 runs, presets.
YAML ↔ JSON Converter
Bidirectional YAML / JSON conversion with multi-document support and indentation control. Free, in your browser.
Convert CSV to JSON
Bidirectional CSV / TSV / JSON conversion. Custom delimiters, header detection, auto-typed numbers. Free, in your browser.
Word & Character Counter
Live word, character, sentence, and paragraph counts with reading and speaking time. Free, in your browser.
Lorem Ipsum Generator
Generate placeholder text — paragraphs, sentences, words, or HTML-wrapped output. Free, in your browser.
JWT Generator
Sign JSON Web Tokens with HS256/384/512, RS256/384/512, or ES256/384. In-browser key generation, no server.
Image Compressor
Compress PNG, JPEG, and WebP images with a live quality slider and side-by-side preview. Free, in your browser.
Favicon Generator
Generate the full favicon set — ICO, PNGs at every size, apple-touch-icon, and PWA manifest — from one image. Free, in your browser.
AI Code Explainer
Paste code, get a plain-English explanation from on-device Gemini Nano — no upload, no API key, no signup.
CSS Gradient Generator
Build linear, radial, and conic CSS gradients visually with color stops, presets, and one-click copy. Free, in your browser.
Box Shadow Generator
Build CSS box-shadows visually with offset, blur, spread, opacity, and inset across stacked layers. Live preview, copy-ready CSS.
Mermaid Live Editor
Render Mermaid diagrams live — flowcharts, sequence, class, state, ER, gantt, pie, and mindmap. Export SVG or PNG.
X.509 Certificate Decoder
Paste a PEM-encoded X.509 certificate — inspect subject, issuer, validity, SANs, key usage, and SHA fingerprints. Free, in your browser.
Australian Medicare Number Generator
Generate and validate Australian Medicare card numbers instantly in your browser. Uses the official check-digit algorithm — perfect for testing and development.
Australian ABN Generator & Validator
Generate and validate Australian Business Numbers (ABN) using the official weighted checksum algorithm. Perfect for testing and development — runs entirely in your browser.
Australian ACN Generator & Validator
Generate and validate Australian Company Numbers (ACN) using the official check-digit algorithm. For testing and development — runs entirely in your browser.
Australian Tax File Number (TFN) Validator
Validate Australian Tax File Numbers (TFN) — checks format and the official check-digit algorithm. No TFN generation to protect against misuse. Runs entirely in your browser.
Australian BSB Number Validator
Validate Australian Bank State Branch (BSB) numbers — checks the 6-digit format and identifies the bank from the first two digits.
New Zealand IRD Number Generator
Generate and validate New Zealand IRD (Inland Revenue Department) numbers for testing and development. Uses the official check-digit algorithm.
New Zealand Business Number (NZBN) Generator
Generate and validate New Zealand Business Numbers (NZBN) — 13-digit GS1 identifiers used by NZ companies. For testing and development.
New Zealand Bank Account Number Validator
Validate New Zealand bank account numbers — checks the BB-BBBB-AAAAAAA-SS format, bank code, and overall structure.
Text Case Converter
Convert text between camelCase, PascalCase, snake_case, kebab-case, SCREAMING_SNAKE, Title Case and more — instantly in your browser.
Number Base Converter
Convert numbers between binary, octal, decimal, and hexadecimal — type in any field and the rest update live.
XML Formatter & Validator
Format, validate, and minify XML documents with custom indentation — uses the browser's native DOMParser, nothing uploaded.
HTML, CSS & JS Minifier
Minify HTML, CSS, and JavaScript online — strip comments, collapse whitespace, and see byte-size savings. Runs entirely in your browser.
Meta Tag & OG Preview Generator
Generate and preview Open Graph, X Card, and standard HTML meta tags for your web pages — instantly in your browser.
Sitemap Validator
Paste or upload a sitemap XML and instantly validate it against Google's rules — structure, URL limits, lastmod format, duplicates, priority, and more. Entirely in your browser.
HTML to JSX Converter
Convert HTML to valid JSX — className, htmlFor, inline styles, and void elements handled automatically.
RSA Key Pair Generator
Generate RSA public/private key pairs in PEM format — 2048 or 4096-bit, PKCS#1 or PKCS#8.
Code to Image
Turn code snippets into beautiful shareable images with syntax highlighting and custom backgrounds.
HTTP Status Codes Reference
Look up any HTTP status code — 100 to 599 — with meaning, use case, and common causes.
Image Converter
Convert PNG, JPG, WebP, and AVIF images in your browser — no upload, no signup, batch support.
Image to Text (OCR)
Extract text from images, screenshots, and scanned documents — entirely in your browser. 18 languages supported.