bcrypt -- keeping up with Moore's law [duplicate]

Question

I'm using bcrypt to store passwords in my database, using a work factor of 7, which takes about 0.02s to hash a single password on my reasonably modern laptop.

Coda Hale says that using bcrypt allows you to 'keep up with Moore's law' by tweaking the work factor. But there's no way to re-encrypt a user's password, since I'm not storing the plaintext. How can I keep my database up-to-date and difficult to crack (assuming it hangs around for the 5+ years it would take for this to become an issue)?

Answer 1

Re-encrypt on login. See Optimal bcrypt work factor.

Remember that the value is stored in the password: $2a$(2 chars work)$(22 chars salt)(31 chars hash). It is not a fixed value.

If you find the load is too high, just make it so the next time they log in, you crypt to something faster to compute. Similarly, as time goes on and you get better servers, if load isn't an issue, you can upgrade the strength of their hash when they log in.

The trick is to keep it taking roughly the same amount of time forever into the future along with Moore's Law. The number is log2, so every time computers double in speed, add 1 to the default number...