PBKDF2 Key Derivation

Derive keys from a password and salt with PBKDF2. Configure iterations, hash algorithm, and output length with hex or base64 output.

Configuration
Derive keys from a password and salt with PBKDF2. Configure iterations, hash algorithm, and output length with hex or base64 output.
Salt
Plain text / Import from file
Derived Key
Derived key for the current password and salt input.
Derive keys from a password and salt with PBKDF2. Configure iterations, hash algorithm, and output length with hex or base64 output.

What is PBKDF2?

PBKDF2 (Password-Based Key Derivation Function 2) derives a cryptographic key from a password using a salt and many iterations. It slows down brute-force attacks and produces different keys when the salt changes.

Key points:

  • Uses HMAC with a chosen hash (SHA-1/SHA-256/etc.)
  • Iterations increase computation cost
  • Output length is configurable

Best practices:

  • Use a unique, random salt
  • Prefer higher iterations within acceptable performance
  • For new systems, consider memory-hard KDFs like Argon2 or scrypt