erlang-bcrypt is a wrapper around the OpenBSD Blowfish password hashing algorithm, as described in "A Future-Adaptable Password Scheme" by Niels Provos and David Mazieres.
Build it (project uses rebar, but I've included a Makefile):
makeRun it (simple way, starting sasl, crypto and bcrypt):
erl -pa ebin -boot start_sasl -s crypto -s bcrypt
Hash a password using a salt with the default number of rounds:
1> {ok, Salt} = bcrypt:gen_salt(), {ok,"$2a$12$sSS8Eg.ovVzaHzi1nUHYK."} 2> {ok, Hash} = bcrypt:hashpw("foo", Salt), {ok,"$2a$12$sSS8Eg.ovVzaHzi1nUHYK.HbUIOdlQI0iS22Q5rd5z.JVVYH6sfm6"}Verify the password:
3> {ok, Hash} =:= bcrypt:hashpw("foo", Hash). true 4> {ok, Hash} =:= bcrypt:hashpw("bar", Hash). false
The bcrypt application is configured by changing values in the application's environment:
default_log_roundsSets the default number of rounds which define the complexity of the hash function. Defaults to
12.mechanismSpecifies whether to use the NIF implementation (
'nif') or a pool of port programs ('port'). Defaults to'port'.WARNING: the NIF implementation will block Erlang VM scheduler threads and is not suitable for many applications.
pool_sizeSpecifies the size of the port program pool. Defaults to
4.