Is a yescrypt ($y$) hash reversible?

No. yescrypt ($y$) is a one-way hash; you cannot reverse it. You can only guess inputs and compare, which is what hashcat and John do.

What is the hashcat mode for yescrypt ($y$)?

Use `-m -1` to tell hashcat to treat the input as yescrypt ($y$).

How long does it take to crack yescrypt ($y$)?

yescrypt ($y$) is intentionally slow, so brute force is impractical — success depends on the password appearing in your wordlist.

Is a yescrypt ($y$) hash reversible?

No. yescrypt ($y$) is a one-way hash; you cannot reverse it. You can only guess inputs and compare, which is what hashcat and John do.

What is the hashcat mode for yescrypt ($y$)?

Use `-m -1` to tell hashcat to treat the input as yescrypt ($y$).

How long does it take to crack yescrypt ($y$)?

yescrypt ($y$) is intentionally slow, so brute force is impractical — success depends on the password appearing in your wordlist.

How to identify and crack a yescrypt ($y$) hash

yescrypt ($y$) is a unix crypt hash type. It uses a deliberately slow, salted key-derivation scheme, so only weak or short passwords are realistically recoverable. This page shows how to recognise it and the exact commands to attack it.

All identification runs locally in WebAssembly. The commands below write the hash to a local file on your machine — nothing is sent to this site.

Identifying the hash

The hash identifier on the home page detects yescrypt ($y$) entirely in your browser — your hash is never uploaded. A typical example looks like this:

$y$j9T$F5Jx5fExrKuPp53xLKQ.M/$WqJlVz5GsCfM2W7zQ8t0fnZ8x.Yh6cZ0p1mPq.3rT3A

Cracking yescrypt ($y$) with John the Ripper

John the Ripper can attack the same hash with the crypt format:

echo '$y$j9T$F5Jx5fExrKuPp53xLKQ.M/$WqJlVz5GsCfM2W7zQ8t0fnZ8x.Yh6cZ0p1mPq.3rT3A' > hash.txt && john --format=crypt --wordlist=/usr/share/wordlists/rockyou.txt hash.txt