Is bcrypt still safe in 2025?
Yes, with 10-12 salt rounds. It is not the most modern option (argon2 is better), but it is battle-tested, easy to use, and safe for most apps. Use 12 rounds for high-security apps.
Verify This Answer
Cross-check this information using these trusted sources:
More FAQs in bcrypt vs Other Password Hashing Algorithms
argon2id for new projects with no constraints (modern, memory-hard, side-channel resistant). bcrypt with 10-12 rounds for existing projects or simple setup. PBKDF2 only if you need a standard built into Node. Avoid raw SHA hashes.
argon2 is memory-hard (requires lots of RAM), so ASICs are expensive to build. bcrypt is not memory-hard, so an attacker with ASICs can brute-force faster. argon2id is also side-channel resistant.
SHA-256 is a fast hash, not a password hash. It is designed to be fast, which means brute-forcing a list of hashes is fast. Password hashes are slow on purpose (bcrypt, argon2). Never use raw SHA for passwords.
Still have questions?
Browse all our FAQs or reach out to our support team
