Skip to content
/ bcrypt Public
forked from pyca/bcrypt

Modern password hashing for your software and your servers

License

Apache-2.0 license
2 stars 172 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

nubank/bcrypt

BranchesTags
 
 

Repository files navigation

bcrypt

Latest Version https://travis-ci.org/pyca/bcrypt.svg?branch=master

Modern password hashing for your software and your servers

Installation

To install bcrypt, simply:

$ pip install bcrypt

Note that bcrypt should build very easily on Linux provided you have a C compiler, headers for Python (if you’re not using pypy), and headers for the libffi libraries available on your system.

For Debian and Ubuntu, the following command will ensure that the required dependencies are installed:

$ sudo apt-get install build-essential libffi-dev python-dev

For Fedora and RHEL-derivatives, the following command will ensure that the required dependencies are installed:

$ sudo yum install gcc libffi-devel python-devel

Usage

Basic

Hashing and then later checking that a password matches the previous hashed password is very simple:

>>> import bcrypt
>>> password = b"super secret password"
>>> # Hash a password for the first time, with a randomly-generated salt
>>> hashed = bcrypt.hashpw(password, bcrypt.gensalt())
>>> # Check that a unhashed password matches one that has previously been
>>> #   hashed
>>> if bcrypt.hashpw(password, hashed) == hashed:
...     print("It Matches!")
... else:
...     print("It Does not Match :(")

Adjustable Work Factor

One of bcrypt's features is an adjustable logarithmic work factor. To adjust the work factor merely pass the desired number of rounds to bcrypt.gensalt(rounds=12) which defaults to 12):

>>> import bcrypt
>>> password = b"super secret password"
>>> # Hash a password for the first time, with a certain number of rounds
>>> hashed = bcrypt.hashpw(password, bcrypt.gensalt(14))
>>> # Check that a unhashed password matches one that has previously been
>>> #   hashed
>>> if bcrypt.hashpw(password, hashed) == hashed:
...     print("It Matches!")
... else:
...     print("It Does not Match :(")

Adjustable Prefix

Another one of bcrypt's features is an adjustable prefix to let you define what libraries you'll remain compatible with. To adjust this, pass either 2a or 2b (the default) to bcrypt.gensalt(prefix=b"2b") as a bytes object.

Maxmimum Password Length

The bcrypt algorithm only handles passwords up to 72 characters, any characters beyond that are ignored. To work around this, a common approach is to hash a password with a cryptographic hash, such as sha512 before hasing it with bcrypt:

>>> password = b"an incredibly long password" * 10
>>> hashed = bcrypt.hashpw(
...     hashlib.sha512(password).digest(),
...     bcrypt.gensalt()
... )

Compatibility

This library should be compatible with py-bcrypt and it will run on Python 2.6+, 3.3+, and PyPy.

Security

bcrypt follows the same security policy as cryptography, if you identify a vulnerability, we ask you to contact us privately.

About

Modern password hashing for your software and your servers

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

2 stars

Watchers

3 watching

Forks

3 forks
Report repository

Releases

6 tags

Packages

No packages published

Languages

  • C 56.7%
  • Python 19.8%
  • Roff 16.6%
  • Assembly 4.3%
  • Makefile 2.1%
  • Shell 0.5%