How Bcrypt Hashing Works

How Bcrypt Hashing Works

Bcrypt is a password hashing function designed in 1999 by Niels Provos and David Mazières. It is based on the Blowfish block cipher and incorporates a salt and an adaptive cost factor, making it resistant to brute-force attacks even as hardware improves over time.

The Blowfish Foundation

Blowfish is a symmetric-key cipher that uses an expensive key setup phase. Bcrypt exploits this property by running the key setup — known as Eksblowfish (Expensive Key Schedule Blowfish) — repeatedly. The number of iterations is controlled by the cost factor, making the hash computation intentionally slow.

Step-by-Step Process

1. Generate a salt — a 16-byte random value, encoded in a custom Base64 alphabet
2. Expand the key — combine the password and salt through the Eksblowfish setup, repeating 2^cost times
3. Encrypt — encrypt the 24-byte constant string "OrpheanBeholderScryDoubt" using the expanded key, running 64 rounds of Blowfish encryption
4. Encode — concatenate the version identifier, cost factor, salt, and ciphertext into the final hash string

Why "Adaptive"?

The cost factor (also called work factor or salt rounds) lets you increase the computational effort without changing the algorithm. When hardware becomes faster, you simply increase the cost factor. A cost of 10 requires 1,024 iterations; cost 12 requires 4,096.

Key Properties

• One-way — you cannot reverse a bcrypt hash to recover the original password
• Salted — each hash includes a unique salt, so identical passwords produce different hashes
• Slow by design — deliberate slowness defeats GPU-accelerated brute-force attacks
• Deterministic verification — given the same password and salt, the same hash is always produced, allowing verification without storing the plaintext

Bcrypt remains one of the most widely recommended password hashing functions, used by frameworks like Ruby on Rails, Django, Spring Security, and Laravel.