Hashed passwords are put through an algorithm to be cryptographically transformed from something that’s readable into an unintelligible scramble. These algorithms are “one-way functions” that are easy to run but very difficult to decode or “crack,” even by the person who created the hash. In the case of login security, the idea is that you choose a password, the platform you’re using makes a hash of it, and then when you sign in to your account in the future, the system takes the password you input, hashes it, and then compares the result to the password hash on file for your account. If the hashes match, the login will be successful. This way, the service is only collecting hashes for comparison, not passwords themselves.
The innovation of bcrypt was that it included a security parameter that could be tuned over time to require more and more computing power to crack bcrypt hashes. This way, as broadly available processing speed increased, bcrypt hashes could become more and more difficult to crack.
“It’s one of those ideas that’s so obvious in retrospect,” Mazieres says. “Of course, it’s cool that bcrypt was a thing Niels and I did. But I think the important thing is, whatever password hashing algorithm we have, that there be some sort of security parameter to make it harder [in a way] that’s a function of computing resources.”
The next generation of hash functions requires more memory to attempt to crack hashed passwords, in addition to processing power.
“The problem was that computers keep getting faster, so a function that seems ‘slow’ today might be fast on tomorrow’s computer,” says Johns Hopkins cryptographer Matthew Green. “The idea behind bcrypt was to make this adjustable. So over time, you could crank up the difficulty level very easily. But then the problem became that people have made guessing even faster by taking advantage of specialized hardware that can compute many things in parallel. This undermines security for functions like bcrypt. So the more recent idea is to use functions that also require a lot of memory, as well as computation, on the theory that parallel attacks won’t be able to scale this resource as well.”
Password security is always lagging, though, and both Provos and Mazieres expressed disbelief and disappointment that the state of passwords broadly has not evolved in decades. Even new schemes like passkeys are only just beginning to emerge.
“Bcrypt should have been superseded already,” Provos says. “It’s surprising how much reliance we still have on passwords. If you had asked me 25 years ago, I would not have guessed that.”
Provos has turned to making cybersecurity- and authentication-themed electronic dance music under the DJ name Activ8te as a way to share his ideas about security with a broader audience and attempt to create cultural change in how people approach their personal security. Mazieres emphasizes, too, that the tech industry has done people a disservice by training them to authenticate in dangerous ways—clicking on links and plugging in passwords constantly and often indiscriminately.
Even if bcrypt’s moment is passing, its inventors say it’s still worth investing time and energy into efforts to improve digital authentication and security more broadly and to help people bolster their own digital defenses.
“There was a version of the world where I would just make music and do blacksmithing,” Provos says. “But the state of security still makes me so sad that I still feel like I have to contribute back somehow.”