Overview

Bcrypt is a password hashing function first presented at USENIX in 1999. It is based on the Blowfish cipher and was specifically designed to be computationally intensive, making it more resistant to brute-force password cracking than earlier, fast hash functions such as MD5 or SHA-1. A key characteristic of Bcrypt is its "work factor" or "cost parameter," which lets administrators adjust the computational load required to hash a password. This adaptability is crucial because it enables the algorithm to remain secure against increasing computational power over time: as hardware capabilities improve, the work factor can be raised so that a single hash continues to take the desired amount of time.

The primary use case for Bcrypt is the secure storage of user passwords in databases. When a user registers, their password is not stored directly but is processed through Bcrypt into a hash, and only this hash is stored. When the user later logs in, the entered password is hashed with the same work factor and salt, and the resulting hash is compared to the stored one. Because Bcrypt incorporates a salt (a random string combined with the password before hashing), it defends against rainbow table attacks, in which precomputed hashes are used to crack passwords. Each password gets a unique salt, so even if two users choose the same password their stored hashes differ. The salt does not need to be stored separately: it is embedded in the Bcrypt hash string along with the work factor.

Bcrypt is widely available across various programming languages through dedicated libraries, which simplifies its integration into web applications, authentication systems, and other software requiring secure credential management. Its design prioritizes security over hashing speed, a deliberate choice to deter attackers who aim to test billions of password guesses per second. For applications where password security is paramount, Bcrypt provides a proven and resilient mechanism for protecting user data from common attack vectors.

Key features

  • Adaptive Work Factor: Allows the computational cost of hashing to be increased over time, counteracting advances in hardware speed. This ensures the algorithm remains secure against brute-force attacks as computing power grows.
  • Salting Mechanism: Automatically generates and incorporates a unique salt for each password hash. This prevents rainbow table attacks and ensures that identical passwords have different stored hashes, even across multiple users.
  • Slow Hashing Process: Deliberately designed to be computationally expensive. This slowness makes it impractical for attackers to test a large number of password guesses in a short period, significantly improving resistance to brute-force attempts.
  • Based on Blowfish Cipher: Utilizes a modified version of the Blowfish block cipher, known for its strong cryptographic properties, as its core component.
  • Cross-Language Support: Available as libraries in many popular programming languages, facilitating straightforward integration into diverse software environments for secure password handling.

Pricing

Bcrypt is an open-source algorithm and does not have a direct pricing model. Its implementation is typically integrated into applications via open-source libraries.

Feature Details (As of 2026-05-27)

  • Algorithm availability: Open-source
  • Licensing: Typically permissive open-source licenses (e.g., MIT, BSD), depending on the specific library implementation
  • Usage fees: None
  • Support: Community-driven; not commercially supported by an official vendor

Common integrations

Bcrypt is typically integrated at the application layer to handle password hashing. Implementations exist for most major programming languages.

  • Node.js Applications: Often integrated using packages like bcryptjs or node.bcrypt.js for hashing passwords in Express.js or other Node.js frameworks.
  • Python Applications: Libraries such as py-bcrypt or bcrypt are commonly used with frameworks like Django or Flask for user authentication.
  • PHP Applications: Native support for Bcrypt hashing is available via the password_hash() and password_verify() functions, commonly used in Laravel, Symfony, and custom PHP applications. General information on PHP's password hashing functions is available from PHP's documentation on password_hash.
  • Ruby on Rails: The bcrypt-ruby gem is a standard choice for secure password management within Ruby on Rails applications.
  • Java Applications: Libraries like jBcrypt provide Bcrypt functionality for Java-based authentication systems.

Alternatives

  • Argon2: A key derivation function that won the Password Hashing Competition (PHC) in 2015. It is designed to be highly resistant to GPU-based cracking attacks.
  • scrypt: A password-based key derivation function that was originally designed for the Tarsnap online backup service. It is memory-hard, meaning it requires significant amounts of RAM to compute, which helps mitigate hardware-accelerated attacks.
  • PBKDF2: Stands for Password-Based Key Derivation Function 2. It is a widely used algorithm specified in RFC 2898 for deriving cryptographic keys from a master password.

Getting started

To demonstrate a basic implementation of Bcrypt, here's an example using a common Node.js library for hashing and verifying passwords. This snippet illustrates how to generate a salt, hash a plaintext password, and then verify a candidate password against the generated hash.

const bcrypt = require('bcryptjs'); // Or 'bcrypt' for native C++ binding

// 1. Define the plaintext password
const plaintextPassword = 'mySecurePassword123!';

// 2. Define the number of salt rounds (work factor)
// A higher number means more computational work and slower hashing.
// Recommended values are typically 10-12 for modern applications.
const saltRounds = 10;

console.log(`Hashing password: "${plaintextPassword}" with ${saltRounds} salt rounds.`);

// 3. Generate a salt and hash the password
bcrypt.genSalt(saltRounds, function(err, salt) {
  if (err) {
    console.error('Error generating salt:', err);
    return;
  }

  bcrypt.hash(plaintextPassword, salt, function(err, hash) {
    if (err) {
      console.error('Error hashing password:', err);
      return;
    }

    console.log(`Generated hash: ${hash}`);

    // 4. Later, when a user tries to log in, verify their entered password
    const candidatePassword = 'mySecurePassword123!';
    const incorrectPassword = 'wrongPassword';

    console.log(`\nVerifying candidate password: "${candidatePassword}"`);
    bcrypt.compare(candidatePassword, hash, function(err, result) {
      if (err) {
        console.error('Error comparing password:', err);
        return;
      }
      if (result) {
        console.log('Password MATCHES! User authenticated.');
      } else {
        console.log('Password DOES NOT MATCH. Authentication failed.');
      }
    });

    console.log(`\nVerifying incorrect password: "${incorrectPassword}"`);
    bcrypt.compare(incorrectPassword, hash, function(err, result) {
      if (err) {
        console.error('Error comparing password:', err);
        return;
      }
      if (result) {
        console.log('Incorrect password MATCHES! (This should not happen)');
      } else {
        console.log('Incorrect password DOES NOT MATCH. Authentication failed as expected.');
      }
    });
  });
});

This example first defines a plaintext password and a saltRounds value, which dictates the computational cost. It then asynchronously generates a salt using bcrypt.genSalt(). With the generated salt, bcrypt.hash() processes the plaintext password into a secure hash, which would typically be stored in a database. Finally, bcrypt.compare() demonstrates how to verify a user-provided password against the stored hash. The comparison function re-hashes the candidate password with the salt extracted from the stored hash and checks for a match. The asynchronous nature of these operations is common in modern web development to prevent blocking the main thread during computationally intensive tasks.