Salt Length Used by Auth0 when Hashing Passwords

lihua.zhang September 14, 2022, 6:31pm 1

Last Updated: Dec 6, 2024

Overview

This article clarifies what is the length of the salt being used in Auth0 when hashing passwords.

Auth0 uses Bcrypt to hash all the passwords. Bcrypt always uses a salt of length 16 bytes or 128 bits.

September 2022 Community News

Topic		Replies	Views
What is the default cost factor of bcrypt that auth0 uses for hashing passwords? Help auth0	2	2595	June 19, 2021
Import hashed bcrypt passwords Help management-api , users	0	735	June 15, 2023
What is the updated default cost factor of bcrypt that auth0 uses for hashing passwords? Help mfa , webauth-factor	2	15	October 4, 2024
For passwords longer than 72 characters, Auth0 is ignoring all characters after the 72nd Help password	4	3107	March 25, 2020
Import users with a bcrypt password hash salted with 12 rounds Help user-import , bcrypt	4	7479	September 5, 2020