在瀏覽器中使用 bcrypt 對密碼進行雜湊,並驗證密碼是否與 bcrypt 雜湊值匹配。
如何使用 Bcrypt
選擇「雜湊」建立雜湊值,或選擇「驗證」核對雜湊值。
輸入密碼,驗證時還需輸入雜湊值。
查看 bcrypt 雜湊值或匹配結果。
A bcrypt tool that hashes a password at a cost you choose, and verifies a password against an existing bcrypt hash. Everything runs locally in your browser, so passwords stay on your device.
Bcrypt is an adaptive password-hashing function designed specifically for storing passwords. Unlike a fast hash such as SHA-256, it is deliberately slow and includes a built-in salt, which is exactly what you want when defending stored passwords.
The cost factor (the rounds) sets how much work each hash takes. Every extra round doubles the computation, so raising the cost makes large-scale brute-force and GPU attacks far slower, while a single login stays fast enough. A value of 10 to 12 is a common choice.
Bcrypt mixes a random salt into every hash, so the same password produces a different hash each time. That defeats precomputed rainbow tables, and verification still works because the salt is stored inside the hash itself.
To check a password, the verify mode reads the salt and cost out of the stored hash, hashes the candidate the same way, and compares, which is why you only need the hash and the password, not the original salt.
Hashing and verifying run entirely in your browser, so nothing is uploaded. Even so, avoid pasting real production passwords on a shared computer.
常見問題
成本因子:每增加一輪,計算雜湊值所需的工作量就翻倍,使暴力破解攻擊更慢。10 到 12 是常見的選擇。
Bcrypt 在每個雜湊值中包含一個隨機的 salt,因此即使是相同的密碼輸出也不同。驗證仍然有效,因為 salt 儲存在雜湊值內部。
雜湊完全在瀏覽器中執行,密碼不會被上傳。即便如此,請避免在共用電腦上貼上真實的正式環境密碼。
嵌入此工具
將此工具加入你自己的網站。複製下方的程式碼片段,它會自動保持最新。
<iframe src="https://monu.tools/embed/zh-Hant/bcrypt-generator" width="100%" height="640" style="border:1px solid #e5e5e5;border-radius:12px;max-width:680px" loading="lazy" title="Monu Tools"></iframe>相關工具