
What Hash Is $2y$10?

Published Aug 29, 2025 3 min read

The prefix $2y$10 identifies a hash generated using the bcrypt algorithm. A full bcrypt hash string, which includes a salt and the final hash, begins with this prefix to specify the algorithm and its parameters.

Dissecting the $2y$10 hash prefix

A bcrypt hash is a self-contained string that includes all the information needed to verify a password. Its fields are separated by dollar signs ($), and the string breaks down into three distinct parts:

  • $2y$: The algorithm identifier. The $2y$ prefix indicates that the hash was created using a specific variant of the bcrypt algorithm. While $2a$ and $2b$ are also used for bcrypt, $2y$ was introduced by the crypt_blowfish project to address a vulnerability in some early $2a$ implementations. All modern implementations of $2y$ and $2b$ are now considered secure.

  • $10$: The cost factor. This number is a logarithmic value that determines how computationally expensive the hashing process is. The actual number of hashing iterations is 2^10, or 1,024 rounds in this case. A higher cost factor makes the hashing process take longer, which makes the hash more resistant to brute-force attacks. This is an "adaptive" feature of bcrypt, as the cost can be increased over time as computing power gets faster.

  • The rest of the string: The bcrypt hash string continues with a 22-character, base64-encoded salt, followed by the final 31-character base64-encoded hash of the password itself. The entire string is stored as a single entry in a database.

How bcrypt provides superior password security

Developed in 1999, bcrypt was specifically designed to be slow and resistant to brute-force attacks. It is based on the Blowfish block cipher and is a significant improvement over faster, weaker hashing algorithms like MD5 or SHA-1, which can be cracked instantly using modern hardware.

The importance of salting

Bcrypt's process automatically generates a unique, random salt for every password. This salt is added to the user's password before hashing.

  • Protects against rainbow tables: The use of a unique salt for each password prevents attackers from using precomputed hash tables (known as rainbow tables) to crack a password database.
  • Ensures unique hashes: Even if two users have the same password, the different salts ensure their hashes will be completely different.

The "cost" of security

The most important feature of bcrypt is the adjustable work factor or cost parameter.

  • Resists brute-force attacks: By design, bcrypt is computationally intensive. The cost factor of $10$ forces an attacker to run 1,024 hashing rounds for every single password guess. This means an attacker with a powerful GPU that can perform millions of MD5 hashes per second may only be able to perform a few bcrypt guesses in the same amount of time.

  • Future-proofs security: As computers inevitably become faster, a system administrator can increase the cost factor for all new password hashes. For example, moving from $10$ to $11$ would double the number of rounds to 2^11 (2,048), keeping the time needed to generate the hash relatively constant and maintaining a strong defense against offline attacks.

The password verification process with bcrypt

When a user attempts to log in, the system uses the full hash string to determine if the password is correct without ever needing to "decrypt" the original password.

  1. Retrieve the hash: The system looks up the stored hash string for the user.
  2. Extract the parameters: The system parses the hash string to get the cost factor (e.g., $10$) and the salt.
  3. Hash the input: The bcrypt function combines the salt with the password the user entered, and then hashes it the number of times specified by the cost factor.
  4. Compare the output: The newly generated hash is compared to the hash that was stored in the database.
  5. Authenticate the user: If the two hash values match, the password is correct, and the user is authenticated. If they don't, the login is denied.
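The following Python example, added here and not part of the original article, ties together the three sections above: it parses a $2y$10 string into its version, cost, salt and hash fields (the "Dissecting" section), derives the round count 2^cost and flags hashes made below a minimum cost so they can be upgraded at next login (the "cost" section), and carries out login steps 1 to 5 (the verification section). Parsing and the cost-policy check use only the standard library; the verification step assumes the pyca `bcrypt` package is installed and uses its `hashpw` function. `SAMPLE_HASH` is a constructed string in the right format for demonstration, not the real hash of any password.

```python
import hmac
import re
from dataclasses import dataclass

try:
    import bcrypt  # assumption: pyca/bcrypt (pip install bcrypt) provides the hashing step
except ImportError:  # parsing and policy checks below still work without it
    bcrypt = None

# bcrypt uses its own base64 alphabet (./A-Za-z0-9), not the RFC 4648 one.
_B64 = r"[./A-Za-z0-9]"
# Layout: $<version>$<two-digit cost>$<22-char salt><31-char hash>
_HASH_RE = re.compile(
    r"^\$(?P<version>2[abxy]?)\$(?P<cost>\d{2})\$"
    r"(?P<salt>" + _B64 + r"{22})(?P<digest>" + _B64 + r"{31})$"
)

# Constructed sample: correct shape, but not a real hash of any password.
SAMPLE_HASH = "$2y$10$abcdefghijklmnopqrstuvABCDEFGHIJKLMNOPQRSTUVWXYZ01234"


@dataclass(frozen=True)
class BcryptHash:
    version: str  # e.g. "2y"
    cost: int     # log2 of the number of key-setup rounds
    salt: str     # 22 characters, base64-encoded
    digest: str   # 31 characters, base64-encoded

    @property
    def rounds(self) -> int:
        return 1 << self.cost  # 2^cost, e.g. 1,024 for cost 10


def parse_bcrypt_hash(stored: str) -> BcryptHash:
    """Split a stored bcrypt string into its fields, rejecting malformed input."""
    m = _HASH_RE.match(stored)
    if m is None:
        raise ValueError("not a well-formed bcrypt hash string")
    cost = int(m["cost"])
    if not 4 <= cost <= 31:  # the range bcrypt implementations accept
        raise ValueError(f"cost {cost} outside bcrypt's valid range 4..31")
    return BcryptHash(m["version"], cost, m["salt"], m["digest"])


def needs_rehash(stored: str, minimum_cost: int) -> bool:
    """True when the stored hash was produced below the current cost policy.

    A login handler would call this after a successful verification and,
    if it returns True, re-hash the just-verified password at the new cost.
    """
    return parse_bcrypt_hash(stored).cost < minimum_cost


def verify_password(stored: str, candidate: str) -> bool:
    """Login steps 1-5: parse the stored hash, re-hash the candidate with the
    stored salt and cost, and compare in constant time."""
    try:
        parse_bcrypt_hash(stored)  # step 2: reject garbage before using the library
    except ValueError:
        return False
    if bcrypt is None:
        raise RuntimeError("the 'bcrypt' package is required for verification")
    # Step 3: bcrypt.hashpw reads the cost and salt from the stored string itself.
    # Passwords longer than 72 bytes are truncated by bcrypt; enforce that at signup.
    recomputed = bcrypt.hashpw(candidate.encode("utf-8"), stored.encode("ascii"))
    # Step 4: constant-time comparison, the same check bcrypt.checkpw performs.
    return hmac.compare_digest(recomputed, stored.encode("ascii"))


if __name__ == "__main__":
    parsed = parse_bcrypt_hash(SAMPLE_HASH)
    print(f"version={parsed.version} cost={parsed.cost} rounds={parsed.rounds}")
    print(f"salt={parsed.salt} digest={parsed.digest}")
    print("needs rehash at policy cost 12:", needs_rehash(SAMPLE_HASH, 12))
```

The library's own `bcrypt.checkpw(password, stored)` performs exactly the re-hash-and-compare of steps 3 and 4; the explicit version here makes the steps visible and adds the up-front format check, so a corrupted database row fails closed instead of reaching the hashing code. Raising the minimum cost in `needs_rehash` is how the "future-proofing" described above is rolled out gradually: old hashes keep working and are replaced one by one as users log in.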