What bcrypt Actually Is
A Blowfish-based password hashing scheme designed by Niels Provos & David Mazières (1999). Deliberately slow and adaptive — bcrypt's cost factor lets security scale with hardware improvements.
Where bcrypt Is Used
- Linux PAM (/etc/shadow)
- PHP password_hash()
- Node.js bcrypt/bcryptjs
- Django (optional backend)
- Ruby on Rails (default via has_secure_password)
Three-Part Output Anatomy
Hash Generator
Enter a password and choose a cost factor. The output is a real bcrypt hash computed in your browser — not simulated.
Cost Factor Timing Benchmark
Hashes the same password at cost factors 8 through 14, sequentially. Each +1 in cost doubles the computation time. This is by design — the slowness IS the security.
Verify & Timing-Safe Comparison
bcrypt.compare() verifies a password against a stored hash using constant-time comparison, preventing timing oracle attacks.
Basic Verify
Timing Attack Visualizer
A naive === string comparison leaks information about where the first mismatch occurs.
bcrypt's constant-time compare takes the same duration regardless of match or mismatch.
Naive === (variable timing)
bcrypt.compare (constant time)
bcrypt vs Alternatives
Not all hashing algorithms are equal. This comparison shows why bcrypt remains a strong choice and when to prefer alternatives.
Algorithm Comparison
| Algorithm | Year | Adaptive | Memory-hard | GPU-resistant | Status |
|---|---|---|---|---|---|
Live Timing: bcrypt vs PBKDF2
Hash the same password with bcrypt (cost 12) and PBKDF2 (100,000 rounds via WebCrypto).
Real-World Attack Demo
Three breach scenarios showing what happens when passwords are stored as plaintext, unsalted MD5, or bcrypt hashes.