Crypto & Security 1 credit COMPUTE

Hash Password API

Hash passwords securely using PBKDF2-SHA256 with a cryptographically random salt via REST API. The output is safe to store in a database — without the original password, the hash cannot be reversed. Use crypto-password-verify to check passwords at login.

Try it live →

How it works

POST the plaintext password. The API generates a 32-byte random salt, runs 100,000 iterations of PBKDF2-SHA256, and returns the hash and salt as hex strings. Store both. At login time, use the verify endpoint with the original salt.

Use cases

Hash user passwords before storing in a database during registration
Migrate from weak MD5 password hashes to PBKDF2 in a batch process
Hash PINs and passcodes for any authentication system

API Reference

POST https://slopshop.gg/v1/crypto-password-hash
Authorization: Bearer YOUR_API_KEY
Content-Type: application/json

Input parameters

Parameter	Type	Required	Description
`input / data`	string	required	The input data to hash or process

Example response

{
  "data": {
    "result": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
    "algorithm": "password-hash"
  },
  "meta": {
    "credits_used": 1,
    "engine": "real",
    "ms": 4
  }
}

Examples

Three real-world scenarios showing how developers use Hash Password in production.

Example 1

Hash new user password

Hash a password during user registration before storing in the database.

curl -X POST https://slopshop.gg/v1/crypto-password-hash \
  -H "Authorization: Bearer $SLOPSHOP_KEY" \
  -H "Content-Type: application/json" \
  -d '{"password": "MySecurePassword123!"}'

Example 2

Hash a PIN

Hash a numeric PIN before storing for a mobile app.

curl -X POST https://slopshop.gg/v1/crypto-password-hash \
  -H "Authorization: Bearer $SLOPSHOP_KEY" \
  -H "Content-Type: application/json" \
  -d '{"password": "492817"}'

Example 3

Migrate from MD5 hash

Re-hash a password that was previously stored as MD5 using PBKDF2.

curl -X POST https://slopshop.gg/v1/crypto-password-hash \
  -H "Authorization: Bearer $SLOPSHOP_KEY" \
  -H "Content-Type: application/json" \
  -d '{"password": "legacy_user_password"}'

Code examples

curl

curl -X POST https://slopshop.gg/v1/crypto-password-hash \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"input": "your data here"}'

Python

import requests

response = requests.post(
    "https://slopshop.gg/v1/crypto-password-hash",
    headers={"Authorization": "Bearer YOUR_API_KEY"},
    json={"input": "your data here"}
)
result = response.json()
print(result["data"])

Node.js

const response = await fetch("https://slopshop.gg/v1/crypto-password-hash", {
  method: "POST",
  headers: {
    "Authorization": "Bearer YOUR_API_KEY",
    "Content-Type": "application/json"
  },
  body: JSON.stringify({ input: "your data here" })
});
const { data } = await response.json();
console.log(data);

CLI

# Install the Slopshop CLI
npm install -g slopshop

# Set your API key
export SLOPSHOP_KEY=your_api_key

# Call crypto-password-hash
slop crypto-password-hash '{"input": "your data here"}'

Pricing

Credits per call

credits

Cost per call

$0.001

at Starter tier

Tier

COMPUTE

Pure compute

Credits are purchased in bundles starting at $1 for 1,000 credits. All compute APIs like this one use 1 credit per call — that's $0.001. See all pricing tiers.

Related APIs in Crypto & Security

View the full API catalog · Try in playground · Documentation