Generate scrypt password hashes with tunable cost (N), block size (r) and parallelism (p). Memory-hard and GPU-resistant. Runs entirely in your browser.
Supported Tools:
Generate scrypt password hashes with tunable cost, block size and parallelism. Memory-hard and GPU-resistant. Runs entirely in your browser.
scrypt, defined in RFC 7914, is a memory-hard key-derivation function designed by Colin Percival. By requiring a large, tunable amount of memory per guess, it makes large-scale brute forcing on GPUs and custom hardware expensive. It is battle-tested and used in disk encryption, cryptocurrencies and password storage. This tool derives an scrypt value from a password and salt and returns the hex digest, computed locally via WebAssembly.
Input:
password + salt, N=16384, r=8, p=1
Output:
a 64-character hex digest (for 32 output bytes)
What parameters are safe?
A common interactive baseline is N=16384, r=8, p=1, which uses about 16 MiB. Raise N for more security where you can afford the memory and time.
Why must N be a power of two?
The algorithm indexes into its memory buffer using N, so it is defined only for powers of two such as 16384, 32768 or 65536.
scrypt or Argon2?
Both are memory-hard and strong. Argon2id is the newer competition winner and slightly more flexible, while scrypt has a longer track record. Either is a solid choice.
Is my password sent anywhere?
No. The derivation runs locally in your browser with WebAssembly.