Skip to main content
The Bun.password.hash() function provides a fast, built-in mechanism for securely hashing passwords in Bun. No third-party dependencies are required. 
const password = 'super-secure-pa$$word';

const hash = await Bun.password.hash(password);
// => $argon2id$v=19$m=65536,t=2,p=1$tFq+9AVr1bfPxQdh6E8DQRhEXg/M/...
By default, this uses the Argon2id algorithm. Pass a second argument to Bun.password.hash() to use a different algorithm or configure the hashing parameters. 
const password = 'super-secure-pa$$word';

// use argon2 (default)
const argonHash = await Bun.password.hash(password, {
	memoryCost: 4, // memory usage in kibibytes
	timeCost: 3, // the number of iterations
});
Bun also implements the bcrypt algorithm. Specify algorithm: "bcrypt" to use it. 
// use bcrypt
const bcryptHash = await Bun.password.hash(password, {
	algorithm: 'bcrypt',
	cost: 4, // number between 4-31
});
Use Bun.password.verify() to verify a password. The algorithm and its parameters are stored in the hash itself, so re-specifying configuration is unnecessary. 
const password = 'super-secure-pa$$word';
const hash = await Bun.password.hash(password);

const isMatch = await Bun.password.verify(password, hash);
// => true
See Docs > API > Hashing for complete documentation.
I