erlang-bcrypt is a wrapper around the OpenBSD Blowfish password hashing algorithm, as described in “A Future-Adaptable Password Scheme” by Niels Provos and David Mazieres.
- Build it:
rebar3 compile
- Run it:
rebar3 shell
- Hash a password using a salt with the default number of rounds:
1> {ok, Salt} = bcrypt:gen_salt().
{ok,"$2a$12$sSS8Eg.ovVzaHzi1nUHYK."}
2> {ok, Hash} = bcrypt:hashpw("foo", Salt).
{ok,"$2a$12$sSS8Eg.ovVzaHzi1nUHYK.HbUIOdlQI0iS22Q5rd5z.JVVYH6sfm6"}
- Verify the password:
3> {ok, Hash} =:= bcrypt:hashpw("foo", Hash).
true
4> {ok, Hash} =:= bcrypt:hashpw("bar", Hash).
false
The bcrypt application is configured by changing values in the application’s environment:
default_log_rounds
Sets the default number of rounds which define the complexity of the hash function. Defaults to 12.
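
Added example (not part of the erlang-bcrypt project): a small wrapper around the calls shown above that compares hashes without stopping at the first differing byte and flags stored hashes whose cost is below default_log_rounds. The module name pw_check and its function names are hypothetical, and the bcrypt application is assumed to be started already.

```erlang
%% Added example; module and function names are hypothetical.
%% Assumes the bcrypt application is already started.
-module(pw_check).
-export([hash/1, verify/2, needs_rehash/1]).

%% Hash a password with a fresh salt at the configured default cost.
hash(Password) ->
    {ok, Salt} = bcrypt:gen_salt(),
    {ok, Hash} = bcrypt:hashpw(Password, Salt),
    Hash.

%% Re-hash the candidate using the stored hash as the salt, then compare
%% every byte so the comparison does not stop at the first mismatch.
verify(Password, StoredHash) ->
    case bcrypt:hashpw(Password, StoredHash) of
        {ok, Candidate} ->
            secure_equals(iolist_to_binary(Candidate),
                          iolist_to_binary(StoredHash));
        _Error ->
            false   % malformed stored hash or hashing failure: reject
    end.

%% True when the cost in "$2a$NN$..." is below default_log_rounds
%% (12 when unset, per the README), or when the hash cannot be parsed.
needs_rehash(StoredHash) ->
    Wanted = application:get_env(bcrypt, default_log_rounds, 12),
    case binary:split(iolist_to_binary(StoredHash), <<"$">>, [global]) of
        [<<>>, _Version, Cost, _SaltAndDigest] ->
            try binary_to_integer(Cost) < Wanted
            catch error:badarg -> true
            end;
        _ ->
            true
    end.

%% Accumulate XOR differences over all bytes; equal only if none differ.
secure_equals(A, B) when byte_size(A) =:= byte_size(B) ->
    Diff = lists:foldl(fun({X, Y}, Acc) -> Acc bor (X bxor Y) end, 0,
                       lists:zip(binary_to_list(A), binary_to_list(B))),
    Diff =:= 0;
secure_equals(_, _) ->
    false.
```

After verify/2 succeeds at login, a true result from needs_rehash/1 marks the point at which to store a new hash from hash/1, since the plaintext is only available then.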