What is bcrypt?
bcrypt hashes passwords with salts and an adjustable cost factor, making brute-force attacks harder after a data leak.
What is bcrypt?
bcrypt is a password hashing algorithm used so user passwords are not stored as plain text in a database. It is not encryption; when a user enters a password, the system runs the same hashing process and compares the result instead of decrypting the old password.
How Does It Work?
bcrypt generates a unique salt for each password and uses a cost factor that intentionally slows computation. The salt makes two users with the same password produce different hashes. As the cost factor increases, generating each hash takes longer, making large-scale guessing more expensive after a breach.
During login, the system processes the submitted password with the stored salt and cost settings. If the resulting hash matches the saved value, authentication succeeds.
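An added example, not part of the original page: a Python audit of stored password values that reads the cost factor and salt bcrypt embeds in each hash string (`$2<variant>$<cost>$<salt><digest>`) and flags hashes below a cost floor, reused salts, and values that are not bcrypt at all. The `MIN_COST` floor of 12, the function names and the sample rows are assumptions constructed for illustration.

```python
import re
from collections import Counter

# bcrypt's stored string: $2<variant>$<cost>$<22-char salt><31-char digest>
BCRYPT_RE = re.compile(
    r"\$(2[abxy]?)\$(\d{2})\$([./A-Za-z0-9]{22})([./A-Za-z0-9]{31})")
MIN_COST = 12  # assumed policy floor for this example, not a value from the page


def parse_bcrypt(stored):
    """Return (variant, cost, salt), or None if the value is not a bcrypt hash."""
    m = BCRYPT_RE.fullmatch(stored)
    if not m or not 4 <= int(m.group(2)) <= 31:  # bcrypt accepts costs 4..31
        return None
    return m.group(1), int(m.group(2)), m.group(3)


def audit(rows, min_cost=MIN_COST):
    """Map each user to a list of findings; an empty list means no finding."""
    parsed = {user: parse_bcrypt(stored) for user, stored in rows}
    salt_uses = Counter(p[2] for p in parsed.values() if p)
    report = {}
    for user, p in parsed.items():
        findings = []
        if p is None:
            findings.append("not-bcrypt")  # plain text or a fast hash
        else:
            _, cost, salt = p
            if cost < min_cost:
                # Work is 2**cost, so each missing step halves the guessing cost.
                findings.append(f"low-cost:{2 ** (min_cost - cost)}x-cheaper")
            if salt_uses[salt] > 1:
                findings.append("salt-reused")  # equal passwords become linkable
        report[user] = findings
    return report


# Constructed sample rows (filler salts and digests, not hashes of real passwords).
ROWS = [
    ("alice", "$2b$12$" + "a" * 21 + "e" + "A" * 31),
    ("bob",   "$2a$08$" + "b" * 21 + "O" + "B" * 31),
    ("carol", "$2b$12$" + "a" * 21 + "e" + "C" * 31),  # same salt as alice
    ("dave",  "0123456789abcdef" * 2),                 # 32 hex chars, MD5-shaped
]

if __name__ == "__main__":
    for user, findings in audit(ROWS).items():
        print(user, findings or ["ok"])
```

Accounts flagged `low-cost` can be upgraded without a password reset by rehashing at the current cost the next time the user logs in successfully.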
Business Use
Membership systems, admin panels, partner portals, and SaaS products should not store passwords in plain text or use fast general-purpose hashes. Password-focused algorithms such as bcrypt make it harder for attackers to recover many passwords if the database is leaked. Hashing is the broader concept; bcrypt is a specific hashing algorithm designed for password security.
Secure password storage should be paired with strong reset flows, multi-factor authentication, rate limits, and careful secret management.