
bcrypt Cost: Brute Force Time

TL;DR

Higher bcrypt cost factors increase password hashing time, making brute-force attacks slower but also impacting application performance. Costs of 10, 12 and 14 are common choices. A cost of 12 is generally recommended as a good balance between security and speed. Testing is crucial to determine the optimal cost for your system.

Understanding bcrypt Cost

bcrypt is a password hashing function built on the Blowfish cipher's key schedule and is used to store passwords securely. The ‘cost’ parameter is the base-2 logarithm of the number of key-setup iterations, so it determines how much computational effort is required to hash a password: each increment of the cost doubles the work, making it harder for attackers to crack the hashes.

How Cost Affects Brute Force Time

  1. Increased Security: Each increment of the cost factor doubles the work per hash, so the time needed to brute-force a password grows exponentially with cost.
  2. Performance Impact: Higher costs also increase the time it takes for legitimate users to log in and for your application to verify passwords.

Typical bcrypt Costs

Common cost factors are 10, 12, and 14. Let’s look at what these mean:

  • Cost = 10: Relatively fast hashing (around 100ms per hash). Vulnerable to modern hardware attacks.
  • Cost = 12: A good balance between security and performance (around 500ms – 1 second per hash). Recommended for most applications.
  • Cost = 14: Slower hashing (around 1-2 seconds per hash). Provides higher security but can impact user experience, especially on slower servers.

Estimating Brute Force Time

The actual time to crack a bcrypt hash depends on several factors:

  • Hardware: Attackers use powerful GPUs and dedicated hardware for cracking.
  • Password Complexity: Simple passwords are cracked faster than complex ones.
  • Hash Rate: The number of hashes an attacker can attempt per second.

However, we can get a general idea:

  • A cost of 10 might be cracked in hours with modern hardware for common passwords.
  • A cost of 12 is likely to take days or weeks for most passwords.
  • A cost of 14 could take months or even years, making it impractical for many attackers.

Testing bcrypt Cost

It’s crucial to test the performance impact of different costs on your system before deploying them.

  1. Load Testing: Simulate multiple users logging in simultaneously with varying password lengths and complexities.
  2. Measure Response Times: Monitor the time it takes for password verification during load testing.
  3. Adjust Cost Accordingly: If response times are unacceptable, reduce the cost factor.
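As an added example (not code from the original post), the following Python script puts numbers on the “Estimating Brute Force Time” and “Testing bcrypt Cost” sections: it times one real hash if the `bcrypt` package is installed (otherwise it falls back to the article's 100 ms figure for cost 10), extrapolates to other costs using the fact that each cost increment doubles the work, picks the highest cost that fits a verification-latency budget, and converts an attacker hash rate into the time needed to exhaust a keyspace. The attacker hash rate, the keyspace and the latency budget are constructed assumptions, not measurements.

```python
import time
from typing import Optional

try:
    import bcrypt  # `pip install bcrypt`; optional, only used for the live measurement
except ImportError:
    bcrypt = None

def scale_hash_time(measured_s: float, measured_cost: int, target_cost: int) -> float:
    """Extrapolate a hash time measured at one cost to another cost.
    bcrypt's cost is log2 of the key-setup iterations, so each +1 doubles the work."""
    return measured_s * 2.0 ** (target_cost - measured_cost)

def brute_force_seconds(keyspace: int, attacker_rate: float,
                        attacker_cost: int, target_cost: int) -> float:
    """Seconds to exhaust `keyspace` guesses against a hash at `target_cost`, given an
    attacker throughput (hashes/s) that was measured at `attacker_cost`."""
    rate_at_target = attacker_rate / 2.0 ** (target_cost - attacker_cost)
    return keyspace / rate_at_target

def pick_cost(measured_s: float, measured_cost: int, budget_s: float,
              lo: int = 4, hi: int = 31) -> int:
    """Highest cost whose extrapolated verify time fits the latency budget (never below lo)."""
    best = lo
    for cost in range(lo, hi + 1):
        if scale_hash_time(measured_s, measured_cost, cost) <= budget_s:
            best = cost
    return best

def measure_hash_seconds(cost: int, password: bytes = b"benchmark-only") -> Optional[float]:
    """Time one real bcrypt hash at `cost`; returns None when the bcrypt package is absent."""
    if bcrypt is None:
        return None
    start = time.perf_counter()
    bcrypt.hashpw(password, bcrypt.gensalt(rounds=cost))
    return time.perf_counter() - start

if __name__ == "__main__":
    t10 = measure_hash_seconds(10) or 0.1  # fall back to the article's ~100 ms at cost 10
    for cost in (10, 12, 14):
        print(f"cost {cost}: ~{scale_hash_time(t10, 10, cost) * 1000:.0f} ms per verify")
    print("highest cost within a 250 ms budget:", pick_cost(t10, 10, 0.25))
    # Constructed attacker figure (not a real benchmark): 1e5 hashes/s at cost 5,
    # against every 8-character lowercase password (26**8 candidates).
    days = brute_force_seconds(26 ** 8, 1e5, 5, 12) / 86400
    print(f"cost 12 vs. 26^8 keyspace: ~{days:.0f} days")
```

Run it on the server that will actually verify logins, since the measured time (and therefore the cost the budget allows) is hardware-specific.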

Example using Python

Here’s how you can generate bcrypt hashes with different costs in Python:

from passlib.hash import bcrypt  # pip install passlib bcrypt (passlib needs a bcrypt backend)

pwd = "mysecretpassword"

# passlib 1.7+: set the cost with using(rounds=...) instead of passing rounds= to hash(),
# which is deprecated. The salt is generated automatically, and both the cost and the salt
# are embedded in the resulting hash string ($2b$10$...), so verify() needs no extra parameters.

# Cost 10
hash_10 = bcrypt.using(rounds=10).hash(pwd)
print("Cost 10 Hash:", hash_10)

# Cost 12
hash_12 = bcrypt.using(rounds=12).hash(pwd)
print("Cost 12 Hash:", hash_12)

# Cost 14
hash_14 = bcrypt.using(rounds=14).hash(pwd)
print("Cost 14 Hash:", hash_14)

Choosing the Right Cost

  1. Start with Cost 12: This is a good default for most applications.
  2. Monitor Performance: Regularly monitor your application’s performance after deploying bcrypt.
  3. Consider Your Users: If you have users with limited hardware, a lower cost might be necessary.
  4. Regularly Re-evaluate: As hardware improves, attackers will be able to crack hashes faster. Consider increasing the cost factor periodically.

Cyber Security Best Practices

  • Always use a salt with your bcrypt hashing. Passlib handles this automatically.
  • Store only the bcrypt hashes in your database, never the plaintext passwords.
  • Implement rate limiting to prevent brute-force attacks.