bcrypt: Algorithm & Cost Factor
Learn bcrypt internals, the work factor, and proper cost tuning.
Welcome
bcrypt is a password hashing algorithm designed in 1999 specifically to be slow and resistant to hardware attacks. It remains the most widely deployed password hashing algorithm.
bcrypt Origins
Designed by Niels Provos and David Mazières, based on the Blowfish cipher. The 'b' stands for Blowfish. Its key insight: use Blowfish's expensive key setup for intentional slowness.
All lessons in this course
- Why Plain SHA-256 Fails for Passwords
- bcrypt: Algorithm & Cost Factor
- Argon2: Memory-Hard Password Hashing
- PBKDF2 & Choosing the Right Algorithm