---
title: "Pbkdf2Params | Grafana k6 documentation"
description: "Pbkdf2Params is a parameter used for deriveBits and deriveKey operations."
---

> For a curated documentation index, see [llms.txt](/llms.txt). For the complete documentation index, see [llms-full.txt](/llms-full.txt).

# Pbkdf2Params

The `Pbkdf2Params` object represents the parameters for the PBKDF2 algorithm. It should be passed as the `algorithm` parameter into [`deriveBits`](/docs/k6/next/javascript-api/crypto/subtlecrypto/derivebits/) or [`deriveKey`](/docs/k6/next/javascript-api/crypto/subtlecrypto/derivekey/).

PBKDF2 (Password-Based Key Derivation Function 2) is designed to derive cryptographic keys from a password. It applies a pseudorandom function (such as HMAC) to the password along with a salt value and repeats the process many times to produce a derived key. The added computational work makes password cracking much more difficult.

## Properties

Expand table

| Property   | Type          | Description                                                                                                            |
|------------|---------------|------------------------------------------------------------------------------------------------------------------------|
| name       | `string`      | Should be set to `PBKDF2`.                                                                                             |
| hash       | `string`      | The hash function to use. Can be `SHA-1`, `SHA-256`, `SHA-384`, or `SHA-512`.                                          |
| salt       | `ArrayBuffer` | A random or pseudo-random value of at least 16 bytes.                                                                  |
| iterations | `number`      | The number of iterations to perform. Must be greater than 0. Should be as high as possible (e.g., 310000 for SHA-256). |

## Example

JavaScript ![Copy code to clipboard](/media/images/icons/icon-copy-small-2.svg) Copy

```javascript
export default async function () {
  const password = stringToArrayBuffer('my secret password');

  // Import the password as a key
  const baseKey = await crypto.subtle.importKey('raw', password, 'PBKDF2', false, [
    'deriveBits',
    'deriveKey',
  ]);

  // Generate a random salt
  const salt = crypto.getRandomValues(new Uint8Array(16));

  // Derive bits using PBKDF2
  const derivedBits = await crypto.subtle.deriveBits(
    {
      name: 'PBKDF2',
      hash: 'SHA-256',
      salt: salt,
      iterations: 310000,
    },
    baseKey,
    256
  );

  console.log('derived bits: ' + arrayBufferToHex(derivedBits));
}

function stringToArrayBuffer(str) {
  const buf = new ArrayBuffer(str.length * 2);
  const bufView = new Uint16Array(buf);
  for (let i = 0, strLen = str.length; i < strLen; i++) {
    bufView[i] = str.charCodeAt(i);
  }
  return buf;
}

function arrayBufferToHex(buffer) {
  return [...new Uint8Array(buffer)].map((x) => x.toString(16).padStart(2, '0')).join('');
}
```