KDF Lab

Argon2id, scrypt, PBKDF2, and bcrypt with interactive cost parameters. Use this to feel what “tunable cost” really means: bump memory or iterations and watch the time grow linearly per step.


Tuning guidance

  • Target an interactive budget of 100–500 ms on your real server hardware (not this laptop). That budget is what bounds the attacker per password attempt.
  • Argon2id: in 2026 a sensible starting point is m = 64 MiB, t = 3, p = 1 for low-end servers, or m = 512 MiB, t = 4, p = 4 for serious deployments.
  • scrypt: N = 2^15, r = 8, p = 1 is the commonly-quoted baseline; N = 2^17 is more current.
  • PBKDF2-HMAC-SHA-256: OWASP suggests 600,000 iterations as a 2023 floor; bump again for 2026.
  • bcrypt: cost 10 was 2011-era; cost 12–13 is closer to today.
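To turn the time budget above into numbers on a specific server, the following added example (not part of this tool's own code) times PBKDF2-HMAC-SHA-256 and scrypt with Python's standard `hashlib` and scales the PBKDF2 iteration count linearly toward a target, never going below the 600,000 floor. The function names and the sample password are hypothetical; Argon2id and bcrypt are left out because they need third-party packages.

```python
import hashlib
import os
import time

PBKDF2_FLOOR = 600_000  # the OWASP 2023 floor quoted in the list above


def scrypt_mem_bytes(n: int, r: int) -> int:
    """Approximate scrypt working memory: 128 * N * r bytes."""
    return 128 * n * r


def scrypt_hash(password: bytes, salt: bytes, log2_n: int = 15,
                r: int = 8, p: int = 1) -> bytes:
    """Derive a 32-byte key with scrypt at N = 2^log2_n."""
    n = 1 << log2_n
    # OpenSSL's default 32 MiB limit rejects N = 2^15, r = 8,
    # so raise maxmem with headroom for the chosen parameters.
    return hashlib.scrypt(password, salt=salt, n=n, r=r, p=p,
                          maxmem=2 * scrypt_mem_bytes(n, r), dklen=32)


def timed(fn):
    """Run fn() and return (result, elapsed seconds)."""
    start = time.perf_counter()
    result = fn()
    return result, time.perf_counter() - start


def calibrate_pbkdf2(target_s: float, floor: int = PBKDF2_FLOOR,
                     probe: int = 100_000) -> int:
    """Time a probe run, scale linearly to target_s, clamp to the floor."""
    salt = os.urandom(16)
    pw = b"constructed-password"  # constructed sample input
    _, elapsed = timed(lambda: hashlib.pbkdf2_hmac("sha256", pw, salt, probe))
    return max(floor, int(probe * target_s / elapsed))


if __name__ == "__main__":
    salt, pw = os.urandom(16), b"constructed-password"
    iters = calibrate_pbkdf2(0.25)  # aim for 250 ms, inside the 100-500 ms band
    _, t = timed(lambda: hashlib.pbkdf2_hmac("sha256", pw, salt, iters))
    print(f"PBKDF2 iterations={iters}: {t * 1000:.0f} ms")
    for log2_n in (15, 17):
        _, t = timed(lambda: scrypt_hash(pw, salt, log2_n))
        mib = scrypt_mem_bytes(1 << log2_n, 8) // 2**20
        print(f"scrypt N=2^{log2_n} r=8 p=1 (~{mib} MiB): {t * 1000:.0f} ms")
```

Run it on the production host under typical load; a number measured on a development machine says little about the server's budget.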

Frequently asked questions