NodeJS BCRYPT cost calculator

bcrypt_cost_calculator.js

/**
 * Password BCRYPT Hash Cost Calculator for NodeJS
 *
 * Just upload this script to your server and run it.
 *
 * You should choose a cost that will take at least 100ms (500ms preferably)
 *
 * Uses bcrypt.js from https://github.com/dcodeIO/bcrypt.js
 */
const { performance } = require('perf_hooks');
const bcrypt = require('bcryptjs');

// Upper time limit to check
const upperTimeLimit = 1000;
const password = 'this_is_just_a_long_string_to_test_on_U8WNZqmz8ZVBNiNTQR8r';

console.log(`\nPassword BCRYPT Hash Cost Calculator\n`);
console.log(`We're going to run until the time to generate the hash takes longer than ${upperTimeLimit}ms`);

var cost = 3;
var first_cost_above_100 = null;
var first_cost_above_500 = null;
var time, start, stop;

// Force bcrypt lib to init itself on first run (to not skew results)
bcrypt.hashSync(password, 0);

do {
    cost++;

    process.stdout.write(`Testing cost value of ${cost}:`);

    start = performance.now();
    bcrypt.hashSync(password, cost);
    stop = performance.now();

    time = stop - start;

    console.log(`... took ${time}ms`);

    if (first_cost_above_100 === null && time > 100) {
        first_cost_above_100 = cost;
    } else if (first_cost_above_500 === null && time > 500) {
        first_cost_above_500 = cost;
    }

} while (time < upperTimeLimit);

console.log(`\nYou should use a cost between ${first_cost_above_100} and ${first_cost_above_500}`);