scrypt Key Derivation

Derive keys from a password and salt with scrypt. Configure N, r, p, and output length with hex or base64 output.

Configuration
Derive keys from a password and salt with scrypt. Configure N, r, p, and output length with hex or base64 output.

Estimated memory: 16 MiB

Salt
Plain text / Random salt / Import from file
Derived Key
Derived key for the current password, salt, and scrypt parameters.
Enter a password and provide a salt or import a file to derive a key.

What is scrypt?

scrypt is a memory-hard password-based key derivation function (KDF). It turns a password and salt into deterministic key bytes while intentionally spending CPU time and memory, which makes large-scale password guessing more expensive than simple hashing.

Key points:

  • Uses N (cost factor), r (block size), and p (parallelism)
  • Higher N and r settings increase memory and compute cost
  • Produces the same derived key only when the password, salt, parameters, and output length match

Best practices:

  • Use a unique random salt for every password or secret
  • Store N, r, p, salt format, and output length next to the derived key
  • Tune parameters on the slowest device you need to support before using them in production