Bcrypt is a password hashing function designed by Niels Provos and David Mazières in 1999, built on the (deliberately expensive) key schedule of the Blowfish cipher. Unlike general-purpose hash functions such as SHA-256, bcrypt is intentionally slow, and the slowness is tunable. That is the point: when an attacker steals a table of password hashes, every guess costs them a full bcrypt computation, so dictionary and brute-force attacks run thousands of times slower than they would against a fast hash. A modern GPU can compute billions of SHA-256 hashes per second but only a few thousand bcrypt hashes at a typical cost factor. The slowdown does not rescue a weak password, though: "password123" still falls to a short wordlist, just more slowly.
The "salt" in bcrypt is a random 16-byte value mixed into the hash so that two users with the same password end up with different hashes. Without salting, an attacker could use precomputed tables (rainbow tables) to crack common passwords instantly, and could crack every user who shares a password in one go. The salt is stored as part of the bcrypt output string, right after the version identifier and cost factor, so verifying a password means re-hashing the candidate with the stored salt and cost and comparing the result with the stored digest.
Fun fact: the cost factor in bcrypt is an exponent, not a round count. The number of key-setup iterations is 2^cost, so a cost of 10 means 2^10 = 1,024 iterations, while a cost of 14 means 2^14 = 16,384 iterations, and each increment doubles the computation time. When bcrypt was created in 1999 the original paper's default was a cost of 6. Today 10-12 is the usual range, and the right way to pick a value is to measure: raise the cost until one hash takes as long as your login path can tolerate (a few hundred milliseconds is a common target). This is Moore's Law made visible in a configuration parameter, and it is exactly why an adaptive hash was needed.
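To make the layout described in the two paragraphs above concrete, here is an added example (my own code, not code from this post or from any bcrypt library) that parses the 60-character bcrypt string into its fields, decodes the salt and digest with bcrypt's own base64 alphabet, and turns the cost into an iteration count. The function names, and EXAMPLE_HASH itself, are my constructions: the example string is syntactically valid but is not the hash of any particular password.

```python
import os
import re
from typing import NamedTuple

# bcrypt uses its own base64 alphabet (not RFC 4648) and no padding characters.
BCRYPT_ALPHABET = "./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"

# $<prefix>$<cost>$<22-char salt><31-char digest>  -- 60 characters in total
_HASH_RE = re.compile(r"^\$(2[abxy]?)\$(\d{2})\$([./A-Za-z0-9]{22})([./A-Za-z0-9]{31})$")

# Constructed for illustration: well-formed, but not the hash of any real password.
EXAMPLE_HASH = "$2b$12$AbCdEfGhIjKlMnOpQrStUv0123456789abcdefghijklmnopqrstu"


class BcryptHash(NamedTuple):
    prefix: str      # "2a", "2b", "2x", "2y" (or bare "2" for the very first version)
    cost: int        # log2 of the key-setup iteration count
    iterations: int  # 2 ** cost
    salt: bytes      # 16 bytes, decoded from the 22-character field
    digest: bytes    # 23 bytes, decoded from the 31-character field


def bcrypt_b64decode(text: str) -> bytes:
    """Decode bcrypt's base64 variant; trailing bits that do not fill a byte are dropped."""
    vals = [BCRYPT_ALPHABET.index(c) for c in text]  # ValueError on a character outside the alphabet
    out = bytearray()
    for i in range(0, len(vals), 4):
        chunk = vals[i:i + 4]
        if len(chunk) == 1:
            raise ValueError("dangling base64 character")
        acc = 0
        for v in chunk:
            acc = (acc << 6) | v
        acc <<= 6 * (4 - len(chunk))              # left-align the bits in a 24-bit group
        out += acc.to_bytes(3, "big")[: len(chunk) - 1]
    return bytes(out)


def bcrypt_b64encode(data: bytes) -> str:
    """Inverse of bcrypt_b64decode: 3 bytes -> 4 chars, 1 or 2 leftover bytes -> 2 or 3 chars."""
    out = []
    for i in range(0, len(data), 3):
        chunk = data[i:i + 3]
        acc = int.from_bytes(chunk.ljust(3, b"\x00"), "big")
        for k in range(len(chunk) + 1):
            out.append(BCRYPT_ALPHABET[(acc >> (18 - 6 * k)) & 0x3F])
    return "".join(out)


def parse_bcrypt_hash(s: str) -> BcryptHash:
    """Split a stored hash into prefix, cost, salt and digest; reject anything malformed."""
    m = _HASH_RE.match(s)
    if not m:
        raise ValueError("not a bcrypt hash string")
    prefix, cost_str, salt_txt, digest_txt = m.groups()
    cost = int(cost_str)
    if not 4 <= cost <= 31:                       # the range OpenBSD's implementation accepts
        raise ValueError(f"cost {cost} out of range")
    return BcryptHash(prefix, cost, 1 << cost,
                      bcrypt_b64decode(salt_txt), bcrypt_b64decode(digest_txt))


def new_salt_field() -> str:
    """What a library does before hashing: 16 random bytes -> 22-character salt field."""
    return bcrypt_b64encode(os.urandom(16))


def relative_cost(cost_a: int, cost_b: int) -> int:
    """How many times more work cost_b is than cost_a (each +1 doubles it)."""
    return 2 ** (cost_b - cost_a)


if __name__ == "__main__":
    h = parse_bcrypt_hash(EXAMPLE_HASH)
    print(f"prefix={h.prefix} cost={h.cost} iterations={h.iterations}")
    print(f"salt={h.salt.hex()} ({len(h.salt)} bytes), digest is {len(h.digest)} bytes")
    print(f"cost 14 is {relative_cost(10, 14)}x the work of cost 10")
    print("fresh salt field:", new_salt_field())
```

Two details worth noticing when you run it: the 22-character salt field carries 132 bits but only 128 are used, so the last character's low four bits are ignored (a salt ending in "Uv" decodes to the same bytes as one ending in "Uu"), and the digest field likewise drops two bits. Real implementations only ever emit the canonical encoding, but a parser that compares salt strings instead of decoded bytes can be fooled by this.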
Bcrypt hashes start with a version identifier: $2a$, $2b$, or $2y$ (the original bare $2$ and the PHP-specific $2x$ also exist but are rarely seen). $2y$ comes from PHP's crypt_blowfish: in 2011 a sign-extension bug in its handling of non-ASCII (8-bit) characters was found, and $2y$ marks hashes produced by the corrected code, while $2x$ marks hashes that deliberately reproduce the buggy behaviour. $2b$ was introduced by OpenBSD in 2014 after a bug in its own implementation, in which the password length was kept in an 8-bit variable and wrapped around for very long passwords (about 255 bytes and up); the bug was in that implementation, not in the $2a$ format itself. For ordinary inputs all three current prefixes produce the same hash, and most modern libraries emit $2b$ by default while still verifying the others.
Argon2 won the Password Hashing Competition in 2015, and its Argon2id variant is now the usual recommendation for new systems. Bcrypt remains widely used and is still a sound choice when run at an adequate cost. The practical difference is memory-hardness: Argon2 forces each guess to touch a configurable amount of RAM, which makes GPU and custom-hardware attacks markedly more expensive than bcrypt's 4 KB working set does.
Bcrypt only processes the first 72 bytes of a password (bytes, not characters: a multibyte UTF-8 password hits the limit sooner). Anything beyond that is silently truncated, so two passwords that share their first 72 bytes verify against each other's hashes. This is why some applications pre-hash passwords with SHA-256 before bcrypt, but the approach needs care. Feeding bcrypt the raw digest bytes is a mistake in implementations that treat the key as a C string, because a 0x00 byte in the digest cuts the key short (other libraries reject NUL bytes outright, so behaviour differs between them). Encode the digest as hex or base64 first, and prefer an HMAC keyed with a server-side secret (a pepper) over a bare SHA-256, so that the intermediate value is not simply a fast, unkeyed hash of the password.
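As an added example (my own code, not from this post or any bcrypt library), the following models which bytes an OpenBSD-derived bcrypt actually consumes, and uses that model to show the three failure modes just described: truncation at 72 bytes, the byte-versus-character mismatch for UTF-8, and the NUL-byte pitfall of pre-hashing with a raw SHA-256 digest, alongside the encoded, peppered pre-hash that avoids it. bcrypt_effective_key is a model of the C implementation's input handling, not a bcrypt implementation; the password strings and the pepper are constructed.

```python
import base64
import hashlib
import hmac

BCRYPT_MAX_KEY_BYTES = 72


def bcrypt_effective_key(password: bytes) -> bytes:
    """Model of which bytes an OpenBSD-derived bcrypt feeds into its key setup.

    The C implementation treats the password as a NUL-terminated string: everything
    from the first 0x00 onward is ignored, the terminating NUL itself is part of the
    key, and the result is capped at 72 bytes. (The Python `bcrypt` package instead
    rejects passwords containing NUL; other libraries differ, which is the point.)
    """
    c_string = password.split(b"\x00", 1)[0]
    return (c_string + b"\x00")[:BCRYPT_MAX_KEY_BYTES]


def exceeds_bcrypt_limit(password: str) -> bool:
    """True when the UTF-8 encoding is longer than bcrypt will look at (bytes, not characters)."""
    return len(password.encode("utf-8")) > BCRYPT_MAX_KEY_BYTES


def naive_prehash(password: bytes) -> bytes:
    """The risky variant: raw SHA-256 digest bytes, which contain 0x00 with roughly 12% probability."""
    return hashlib.sha256(password).digest()


def safe_prehash(password: bytes, pepper: bytes) -> bytes:
    """HMAC-SHA256 under a server-side secret, base64-encoded: 44 printable bytes,
    never contains NUL, always fits under the 72-byte limit."""
    mac = hmac.new(pepper, password, hashlib.sha256).digest()
    return base64.b64encode(mac)


def find_password_with_nul_in_digest(max_tries: int = 10_000) -> bytes:
    """Search constructed passwords for one whose SHA-256 digest contains a NUL byte."""
    for i in range(max_tries):
        candidate = b"demo-password-%d" % i
        if b"\x00" in naive_prehash(candidate):
            return candidate
    raise RuntimeError("no NUL-containing digest found (vanishingly unlikely)")


if __name__ == "__main__":
    long_a = b"x" * 72 + b"A"
    long_b = b"x" * 72 + b"B"
    print("same key after truncation:", bcrypt_effective_key(long_a) == bcrypt_effective_key(long_b))
    print("40 x 'é' exceeds the limit:", exceeds_bcrypt_limit("é" * 40))
    pw = find_password_with_nul_in_digest()
    eff = bcrypt_effective_key(naive_prehash(pw))
    print(f"{pw!r}: raw digest would be cut to {len(eff)} byte(s) by a C-string bcrypt")
    print("safe pre-hash length:", len(bcrypt_effective_key(safe_prehash(pw, b"constructed-pepper"))))
```

The search loop is there to make the NUL problem tangible rather than theoretical: about one password in eight has a SHA-256 digest containing a zero byte, and for such a user a C-string bcrypt would hash only the bytes before it, in the worst case an empty key. Whichever pre-hash you settle on, record it in the stored hash's metadata so that verification applies exactly the same transformation.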
LinkedIn's 2012 breach exposed passwords hashed with unsalted SHA-1 (the count turned out to be 117 million when the full data set surfaced in 2016), and most were cracked quickly. By contrast, breaches at services that use bcrypt, Dropbox among them, exposed hashes that were far harder to turn into passwords: the slow hashing made large-scale cracking impractical, even though weak passwords remained guessable and affected users were still told to rotate them.