This tool generates salted, iteratively hashed digests using the Web Crypto API. Enter text and a random salt, choose a cost factor (iteration count), and compute both SHA-256 and SHA-512 hashes. The iterative approach is conceptually similar to key stretching in password hashing. For production password storage, use server-side bcrypt, scrypt, or Argon2.
Higher cost factor = more iterations = slower but more secure. The hash is computed as SHA(SHA(...SHA(salt + text)...)) for the selected number of iterations.
This tool generates salted, iteratively-hashed digests using the Web Crypto API. The process is similar to password hashing schemes like bcrypt and PBKDF2:
Note: For production password hashing, use server-side bcrypt, scrypt, or Argon2. This tool is for educational purposes and lightweight hash generation.
Enter text in the input field. A random 16-byte hex salt is generated automatically (click Regenerate for a new one). Select a cost factor from 4 to 16, which controls the number of hash iterations (higher = slower but more resistant to brute-force). Click 'Generate Hash' to compute both SHA-256 and SHA-512 digests. Use the Verify section to check if a given text and salt produce a matching hash.
Useful for generating salted hashes to verify data integrity, creating reproducible digests for testing authentication systems, comparing SHA-256 vs SHA-512 output for the same input, and understanding how iterative hashing and salt work in cryptographic key stretching.
SHA-256 produces a 256-bit (32-byte) digest as a 64-character hex string. SHA-512 produces a 512-bit (64-byte) digest as a 128-character hex string. The tool prepends the salt to the input text, hashes it, then feeds the output back through the hash function for the selected number of iterations. All operations use the Web Crypto API (crypto.subtle.digest). This is NOT bcrypt - it uses iterative SHA hashing as an educational demonstration of key stretching.
The tool concatenates the salt with your input text, hashes the result using SHA-256 or SHA-512, then feeds that hash output back through the same function repeatedly for the configured number of iterations. More iterations make brute-force attacks slower.
No. This tool uses iterative SHA-256/SHA-512 hashing via the Web Crypto API. Bcrypt is a separate algorithm based on the Blowfish cipher with built-in salt handling. For production password hashing, use bcrypt, scrypt, or Argon2 on the server side.
Higher cost factors mean more hash iterations and slower computation. A cost factor of 10 (64 iterations) is a reasonable default. For testing key stretching behavior, try higher values and observe the time increase.
Transform, format, generate, and encode data instantly. Private, fast, and always free.
Browse All Tools