PBKDF2 Password Hash

Generate PBKDF2-derived keys locally using the Web Crypto API.

Password

Salt

Use a random salt (16+ bytes recommended).

Iterations

Typical: 100,000 or more.

PRF (hash)

Derived key length (bytes)

Your input never leaves your device; hashing is done locally using Web Crypto.

Result

PBKDF2 (SHA-256) of (empty)

—

How to Use

Enter Base Secret

Input the password or passphrase you want to strengthen. This serves as the initial key material.

Provide a Salt

Enter a random string (salt) of at least 16 bytes. This prevents attackers from using precomputed tables.

Set Iterations

Choose the number of iterations. A higher count makes the derivation slower and more secure against brute-force.

Frequently Asked Questions

What is PBKDF2?

PBKDF2 (Password-Based Key Derivation Function 2) is a standard method for deriving cryptographic keys from a password. It applies a hash function many times to make the process slow enough to thwart attackers.

Why use the Web Crypto API?

Using the Web Crypto API allows for hardware-accelerated, secure cryptographic operations directly in your browser. It's faster and more secure than traditional JavaScript implementations.

What is a recommended iteration count?

The OWASP recommendation for PBKDF2 with SHA-256 is at least 600,000 iterations. Our tool defaults to 100,000, but you can increase it for enhanced security.