Bcrypt API
Simple API to help you check your password strategy.
Generate Hash from Password
Check Password
About
Use this site from inside your tests so that you can externally verify that your use of bcrypt is correct.
Important
Do not type any password that you currently use. This site is for experimentation and testing purposes only.
API
Generate Hash
Hit this endpoint to generate a hash from a password.
Firstly, set up an environment variable with the password and cost:
$ PASSWORD=super-secret $ COST=4
Curl
$ curl --verbose --request POST --data "password=$PASSWORD&cost=$COST" https://www.toptal.com/developers/bcrypt/api/generate-hash.json
{"ok":true,"msg":"","password":"super-secret","hash":"$2a$06$q1hUUfwVhEAuxIHLyv9fOukjBUHtZBu7slIAOpwuflmwsquQFBJ.a","cost":6}
Wget
$ wget --post-data "password=$PASSWORD" https://www.toptal.com/developers/bcrypt/api/generate-hash.json
$ cat generate-hash.json
{"ok":true,"msg":"","password":"super-secret","hash":"$2a$06$u91uvrUvSXl3yHJqsPdZdO6HQrIZvfYDHoj6123VYm37b.V5DUdDG","cost":6}
Check Password
Hit this endpoint to check your hash checks out for your password.
Firstly, set up two environment variables with the password and the hash to check against:
$ PASSWORD=super-secret $ HASH='$2a$06$8DhuLEJC5PS8a8XfuvybUOqwLj4ykJ091lyVBF8R9GlYstIfZMjVm'
Curl
$ curl --verbose --request POST --data "hash=$HASH&password=$PASSWORD" https://www.toptal.com/developers/bcrypt/api/check-password.json
{"ok":true,"msg":"","password":"super-secret","hash":"$2a$06$8DhuLEJC5PS8a8XfuvybUOqwLj4ykJ091lyVBF8R9GlYstIfZMjVm","cost":6}
Wget
$ wget --post-data "hash=$HASH&password=$PASSWORD" https://www.toptal.com/developers/bcrypt/api/check-password.json
$ cat check-password.json
{"ok":true,"msg":"","password":"super-secret","hash":"$2a$06$8DhuLEJC5PS8a8XfuvybUOqwLj4ykJ091lyVBF8R9GlYstIfZMjVm","cost":6}