HomeTextDataDeveloperFilesMediaUtilities

scrypt Hash Generator & VerifierPrivacy: All processing runs locally

Generate and verify scrypt password hashes with configurable N, r, p, salt, and output length. Inspect parameters and learn how scrypt uses memory-hard key derivation — entirely in your browser.

Local playground. Everything runs in your browser. Do not paste real production passwords into online tools. Production password hashing belongs on the server side. This tool is for testing, learning, and debugging.
Password0
scrypt Hash0

How scrypt Works

scrypt is a memory-hard password hashing and key derivation function designed by Colin Percival. It is not encryption — a scrypt hash cannot be reversed.

scrypt intentionally uses large amounts of memory, making it expensive to attack with specialized hardware (ASICs, GPUs). The memory requirement is controlled by the parameters N, r, and p.

Parameters: N, r, p

N (CPU/memory cost) must be a power of 2. Higher N uses more memory and time. r (block size) controls the sequential memory-read size. p (parallelism) allows independent parallel computations. Estimated memory: 128 × N × r bytes.

Browser-Safe Defaults

This tool uses browser-safe defaults (N=16384, r=8, p=1, ≈16 MB). Production server settings may be higher. Avoid settings that exceed available memory or freeze the browser.

Comparison

Argon2id is generally preferred for new systems. Bcrypt is widely supported. PBKDF2 is used where platform compatibility matters.

FAQ

Can I decrypt a scrypt hash?

No. scrypt is one-way. The password cannot be recovered.

Is it safe to paste a real password here?

This tool runs in your browser. Nothing is sent anywhere. Still, avoid real production passwords.

Should I hash passwords in the browser before login?

No. The hash would become the password. Hash on the server side.

What is a salt?

A random value ensuring identical passwords produce different hashes.

Why does the same password produce different hashes?

New random salt each time. The salt is stored in the hash string for verification.

Which algorithm should I use in production?

Follow current security guidance. Argon2id is generally recommended. scrypt and bcrypt are solid alternatives.

Why is hashing slow?

Intentionally. Memory-hard hashing makes attacks expensive.

What do N, r, p mean?

N = CPU/memory cost (power of 2), r = block size, p = parallelism. Memory ≈ 128 × N × r bytes.

Related Tools