Modern password hashing for your software and your servers
Project description
bcrypt
Modern password hashing for your software and your servers
Installation
To install bcrypt, simply:
$ pip install bcrypt
Note that bcrypt should build very easily on Linux provided you have a C compiler, headers for Python (if you’re not using pypy), and headers for the libffi libraries available on your system.
For Debian and Ubuntu, the following command will ensure that the required dependencies are installed:
$ sudo apt-get install build-essential libffi-dev python-dev
For Fedora and RHEL-derivatives, the following command will ensure that the required dependencies are installed:
$ sudo yum install gcc libffi-devel python-devel
Changelog
3.0.0
Switched the C backend to code obtained from the OpenBSD project rather than openwall.
Added support for bcrypt_pbkdf via the kdf function.
2.0.0
Added support for an adjustible prefix when calling gensalt.
Switched to CFFI 1.0+
Usage
Hashing
Hashing and then later checking that a password matches the previous hashed password is very simple:
>>> import bcrypt
>>> password = b"super secret password"
>>> # Hash a password for the first time, with a randomly-generated salt
>>> hashed = bcrypt.hashpw(password, bcrypt.gensalt())
>>> # Check that a unhashed password matches one that has previously been
>>> # hashed
>>> if bcrypt.hashpw(password, hashed) == hashed:
... print("It Matches!")
... else:
... print("It Does not Match :(")
KDF
As of 3.0.0 bcrypt now offers a kdf function which does bcrypt_pbkdf. This KDF is used in OpenSSH’s newer encrypted private key format.
>>> import bcrypt
>>> key = bcrypt.kdf(
... password=b'password',
... salt=b'salt',
... desired_key_bytes=32,
... rounds=100)
Adjustable Work Factor
One of bcrypt’s features is an adjustable logarithmic work factor. To adjust the work factor merely pass the desired number of rounds to bcrypt.gensalt(rounds=12) which defaults to 12):
>>> import bcrypt
>>> password = b"super secret password"
>>> # Hash a password for the first time, with a certain number of rounds
>>> hashed = bcrypt.hashpw(password, bcrypt.gensalt(14))
>>> # Check that a unhashed password matches one that has previously been
>>> # hashed
>>> if bcrypt.hashpw(password, hashed) == hashed:
... print("It Matches!")
... else:
... print("It Does not Match :(")
Adjustable Prefix
Another one of bcrypt’s features is an adjustable prefix to let you define what libraries you’ll remain compatible with. To adjust this, pass either 2a or 2b (the default) to bcrypt.gensalt(prefix=b"2b") as a bytes object.
As of 3.0.0 the $2y$ prefix is still supported in hashpw but deprecated.
Maxmimum Password Length
The bcrypt algorithm only handles passwords up to 72 characters, any characters beyond that are ignored. To work around this, a common approach is to hash a password with a cryptographic hash (such as sha256) and then base64 encode it to prevent NULL byte problems before hashing the result with bcrypt:
>>> password = b"an incredibly long password" * 10
>>> hashed = bcrypt.hashpw(
... base64.b64encode(hashlib.sha256(password).digest()),
... bcrypt.gensalt()
... )
Compatibility
This library should be compatible with py-bcrypt and it will run on Python 2.6+, 3.3+, and PyPy 2.6+.
C Code
This library uses code from OpenBSD.
Security
bcrypt follows the same security policy as cryptography, if you identify a vulnerability, we ask you to contact us privately.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distributions
Hashes for bcrypt-3.0.0-cp35-cp35m-win_amd64.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | eca160836418227221c61bd2908d8d2c873e51e0d3b65d956685d9e54da1315c |
|
MD5 | 6666acaf39c7a0ab1f75663baf7fbb93 |
|
BLAKE2b-256 | 9bee5ffcdd4ff942a975023958316ca28dcee4163fe617bf8e305f0b63e5bc2e |
Hashes for bcrypt-3.0.0-cp35-cp35m-win32.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 8d52399d337d81da33920cd5be5f213bc81073d47b77ab1fcacfc1e95d705b7c |
|
MD5 | f71995f01aa9043f7a980e1854ad5208 |
|
BLAKE2b-256 | e0b8903694b5619ff0522af0419345245e9cd9482512b5d0554967e29c169712 |
Hashes for bcrypt-3.0.0-cp35-cp35m-manylinux1_x86_64.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 31829e8c885f5af94db5af74be959dffc283e5fdbf960dd5dbbf58a58795e011 |
|
MD5 | 7b64a24def5ec9076418240b04678908 |
|
BLAKE2b-256 | 9aacbaae288724e831385dc2851084f4197843b410171f1de68119afb22f3920 |
Hashes for bcrypt-3.0.0-cp35-cp35m-manylinux1_i686.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 07d9b08ff2b300bec816e6007c04462a2c779bda6c93d1d983ff4b2196304676 |
|
MD5 | 03fc061fa0cf601c3849f7b4bc113372 |
|
BLAKE2b-256 | da24cc3e9842e385eb5707765c8d951754620348e0863b5789664136e9cfc11b |
Hashes for bcrypt-3.0.0-cp35-cp35m-macosx_10_6_intel.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | c010caeaae6870c4cdf2b8dbe5ed6b7976126ebba5e36c9d76e10a3dd9c290e5 |
|
MD5 | 9896b1bbcafcf7b5ad83113058958d5c |
|
BLAKE2b-256 | 3a392d46473a66a7188eaf3e690ceeca3ecb06056ef426dfd5bef30032f53481 |
Hashes for bcrypt-3.0.0-cp34-cp34m-win_amd64.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | ad611c623bad37ec4baa23ae555cd4b310c578a0e22c60ec4bd3f896106b3b89 |
|
MD5 | 24a381549034548656e6b067d4829d17 |
|
BLAKE2b-256 | d6d58d48f3a3e4a573754fffc55fdefe88b0bc7b1eec395a423f79c27290c64a |
Hashes for bcrypt-3.0.0-cp34-cp34m-win32.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | fad2ccacbba3e1ba6b1decef432b9970772f7a2efcc3c5c16d5319bc8ff8fcfb |
|
MD5 | 09870e28de991d1cb8817182f3eae112 |
|
BLAKE2b-256 | 4a66736b5a225c34f9d265d40ebcde9bdd4cb325b0e26f5901e02ddc21b999c7 |
Hashes for bcrypt-3.0.0-cp34-cp34m-manylinux1_x86_64.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 8cc0cb1f925a586af020de010212ebd803bf238c0af451d2bcfeff710b37ba26 |
|
MD5 | e32b2fb4e51896caf9a98e0cffb2e6b0 |
|
BLAKE2b-256 | 994094d629d746cd57f02bb64cafb75c14bb1d7745a93b436f337ef4555ac8d4 |
Hashes for bcrypt-3.0.0-cp34-cp34m-manylinux1_i686.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 61de9dfdbfd3c064bea70ade459c50662073516ee83847b4a98ac015c16e14f6 |
|
MD5 | 1c49f9b938e87e9cf5521979b2275355 |
|
BLAKE2b-256 | 5927efb1ff21c7314642fc00bebba70b7acdc625ef98032bf6d9e8e428ed5de0 |
Hashes for bcrypt-3.0.0-cp34-cp34m-macosx_10_6_intel.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 3a45273f8aa5b3459ad919517bd812548792656ebc72682d0f1895b84c3b9ad7 |
|
MD5 | 302f7a9dbfc259b039bc86a186a9a9cd |
|
BLAKE2b-256 | 4363cac9ff3a0244794ccba817bfbfd461e937489ea2ab839bdb585eacf53f49 |
Hashes for bcrypt-3.0.0-cp33-cp33m-win_amd64.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 1b7d71c3357321d87f665d718f2a5347735a536857fc1fe825da8e514f097413 |
|
MD5 | bd3bdeb3f3414fc75655e92a1165eaaa |
|
BLAKE2b-256 | 62282c8af084883e55985af3e3bdb5b4cc08d90ae6873346f87fcd361e0afe13 |
Hashes for bcrypt-3.0.0-cp33-cp33m-win32.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 0f3e88da1ad3c6cc51c6d2aeddd37e23d15a378ae612b87cf7644874a35c2779 |
|
MD5 | a31d90f02054184ad3fd3970d526270e |
|
BLAKE2b-256 | f0d794bd0982538ed1cf841cc27737c32ccc9e47005ad443c2998e59d74b5a52 |
Hashes for bcrypt-3.0.0-cp33-cp33m-manylinux1_x86_64.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 84ae051884cb3251e9cd98ad8c5e42eb6e960214dbc81e04dd2ee4ea458aa562 |
|
MD5 | 763171414709a5fa25d52e8f696b988f |
|
BLAKE2b-256 | fb9ec4c4062c8e1d86b5447079b27e4f83cb44b63fdffbf08cd3c19ffe5d9e8a |
Hashes for bcrypt-3.0.0-cp33-cp33m-manylinux1_i686.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 91af256403146453203885d9d8f83f770667d4ed02cf01f2f174f849eb1884a7 |
|
MD5 | 05c96ef5fb412ec88dfd009911897edc |
|
BLAKE2b-256 | 2d46d873dedeae7ebc3c25ab2968b6fe07fb4ad4eea1086edb76b84fcd298069 |
Hashes for bcrypt-3.0.0-cp33-cp33m-macosx_10_6_intel.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 79e5b62b6161e34acdc9086a63a0c063def46023353929d9242f9e9016df97f1 |
|
MD5 | 6971751a177a81d12cd664509e140cfd |
|
BLAKE2b-256 | e17468634374ebea6588387196ea2c9163368a7cf3eb162ab57df1cf1e5f85f1 |
Hashes for bcrypt-3.0.0-cp27-cp27mu-manylinux1_x86_64.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 1627fddc299eeba80357c9a44d923eadf925e5379f9a385cb802218f3dab5df2 |
|
MD5 | b950157ab9b1d0f8027fe0cbfd3fd40c |
|
BLAKE2b-256 | 2edcb46f0d924e79e85437cf0ca3a98c75c5de2f6422fe5e87236dcccba1c4dd |
Hashes for bcrypt-3.0.0-cp27-cp27mu-manylinux1_i686.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | cb4437c85c96faa6cf12a7e25fbc8a876e0b59611fcf837ea1e4229b081e7d5f |
|
MD5 | 8b18e78e4cd219d7d2cb34cc4db30208 |
|
BLAKE2b-256 | 94ae18a93e3a45f7c0dda7f6374a1832796bc86d753a5e9ac80dd655e96873a3 |
Hashes for bcrypt-3.0.0-cp27-cp27mu-macosx_10_10_x86_64.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | a7d46e88b1d2b112fa435471b38ea789879f0600baaff364413592c3f34a553b |
|
MD5 | d8fc9aa0c7e68f4a07613e04c09eac3a |
|
BLAKE2b-256 | 785cd5416906f6bf9a0c346872ddaf233c876dda70f48031d229b454a923e50c |
Hashes for bcrypt-3.0.0-cp27-cp27m-win_amd64.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 029ccfaa1ce249cffb5e6a62927f0efb2844d252cbe7bc09ca938f9d9c185f98 |
|
MD5 | 2c34a61d5a860d0724c5599ba0292d37 |
|
BLAKE2b-256 | 87092fdc63b95a002af73a261a0d0560762867f5d4313fe6ec623b577a472ec0 |
Hashes for bcrypt-3.0.0-cp27-cp27m-win32.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 9a76f6c06f2f1a2d599b83cde78b3dfcd643ffd25ecde8f252010d19da663e54 |
|
MD5 | 5afac4b2b7e1814244a8ead0b1a21bd2 |
|
BLAKE2b-256 | e53308f080a0d83b8666f404d60ae04040a70ab4ec3eb8b51c0959cac1e87fdd |
Hashes for bcrypt-3.0.0-cp27-cp27m-manylinux1_x86_64.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | c17ddbef8e73b30cb83cec6f6f25e31351f73dda25cf414a3bc24213410414b3 |
|
MD5 | 85bf67030dc621567f4616513d724d12 |
|
BLAKE2b-256 | 0d7205a158e8f0246693df983ea01185546753975a0e796206934c84af60f94d |
Hashes for bcrypt-3.0.0-cp27-cp27m-manylinux1_i686.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | a3ab0749996ce3da7145f531a29b02d476a23037948f5c26c56a0c6a0a46a30b |
|
MD5 | 38e1e15c108c0787b94254e200809397 |
|
BLAKE2b-256 | 9e137d43dab4d310817025c2e8c6334b010826a58a87fb1be7b13e88ae220be6 |
Hashes for bcrypt-3.0.0-cp27-cp27m-macosx_10_6_intel.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 9306267aedb7ee15c1ec32a2dfd54b29d422c921dcfe42deb50a0b1a3c7aaed2 |
|
MD5 | 75061d19a59e45b9c444d28e8fb07ea3 |
|
BLAKE2b-256 | 4d05edac3d974e0b4b1c8bce8fe8840661301bc1fcae99ab9c0ff467b088fcda |
Hashes for bcrypt-3.0.0-cp26-cp26mu-manylinux1_x86_64.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | b4313d6148696050871d7eb04ef286d32f14013c810b04e34d5ea5bab99a6ba7 |
|
MD5 | 3188d4aaae8ab421ebf4890d35ed0265 |
|
BLAKE2b-256 | 8c9aec9f4545e85013b595780c16e45ddd4452a7dee5a106257b5df238a4049c |
Hashes for bcrypt-3.0.0-cp26-cp26mu-manylinux1_i686.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 73f9aa33c35cdd63ab78398bf4e982568bb1fb7bcf6092db91806aba51f76ddc |
|
MD5 | 39986ee10831eef579a15c906655e3c2 |
|
BLAKE2b-256 | cf3ea9c78be6c04ffae125f1d3e783e60d8ebbbb851a49c98715d475c21123a4 |
Hashes for bcrypt-3.0.0-cp26-cp26m-win_amd64.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | e5c95c11c11c3d4a1afdd4e782e81babf42aab66e203bc52d7947b72e17e4b5a |
|
MD5 | 2c61ae6c7f35eae6babffa9e9aa20680 |
|
BLAKE2b-256 | 076fc30c4ff3e15c8c9a79e8886b34adb768a39f09872240789484ab6551ffae |
Hashes for bcrypt-3.0.0-cp26-cp26m-win32.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 4c5f633366522a3c6e9322c9b2e62c83676e1e7945ece2cf40fa1586d7af7a53 |
|
MD5 | 3a0f6883602946df40601d8c37518573 |
|
BLAKE2b-256 | 70d55899d71152e1ab0c3912f5b3b17b5b048d41890abb4856ff8c3e7f89902b |
Hashes for bcrypt-3.0.0-cp26-cp26m-manylinux1_x86_64.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 32de7aaf736773ef000239d3531e6ee08a4d609f81d1e5b291c8a9bdb30ba465 |
|
MD5 | 38af818e74c48a2f7f75b61c7d28c8a8 |
|
BLAKE2b-256 | 5cff06d1dcc37bbcc498f8c742a8f16567de4a0fa2e94e65dac08cde7bf2f561 |
Hashes for bcrypt-3.0.0-cp26-cp26m-manylinux1_i686.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 8a8a98e12498be62488076a24e100de059a1ef9e82b502a5ebbbed4093468fe2 |
|
MD5 | 1fad6d5d08a82c58623ee6245e378ae5 |
|
BLAKE2b-256 | 6debcd038f9ebd3244aafea15390599b8a1901b893fc2cf5539b94e733cd9927 |