scrypt Password Hash
Generate scrypt hashes locally. scrypt is memory-hard and resistant to GPU/ASIC brute-force.
How to Use
Provide Credentials
Enter your password and a unique salt. A random salt of at least 16 bytes is highly recommended for maximum security.
Configure Parameters
Adjust the cost (N), block size (r), and parallelization (p) parameters. Use the defaults unless you have specific requirements.
Extract the Key
The derived key is calculated in your browser. Copy the hex or base64 representation for use in your security implementations.
Frequently Asked Questions
What is scrypt?
Scrypt is a password-based key derivation function (KDF). It's specifically designed to make hardware acceleration attacks (using custom ASICs or GPUs) extremely expensive by requiring large amounts of memory.
Why does scrypt need a salt?
A salt ensures that two users with the same password will have different hashes. It protects against rainbow table attacks and makes it impossible to precompute common password hashes.
How do I choose the right parameters?
The default values (N=16384, r=8, p=1) are suitable for most interactive login scenarios. If you're protecting sensitive data at rest, you might increase N to make the function even slower and more secure.