Passlib 1.6.2 documentation


Passlib is a password hashing library for Python 2 & 3, which provides cross-platform implementations of over 30 password hashing algorithms, as well as a framework for managing existing password hashes. It’s designed to be useful for a wide range of tasks, from verifying a hash found in /etc/shadow, to providing full-strength password hashing for multi-user application.

As a quick sample, the following code hashes and then verifies a password using the SHA256-Crypt algorithm:

>>> # import the hash algorithm
>>> from passlib.hash import sha256_crypt

>>> # generate new salt, and hash a password
>>> hash = sha256_crypt.encrypt("toomanysecrets")
>>> hash

>>> # verifying the password
>>> sha256_crypt.verify("toomanysecrets", hash)
>>> sha256_crypt.verify("joshua", hash)

Content Summary

Introductory Materials

requirements & installation instructions
Library Overview
describes how Passlib is laid out
New Application Quickstart
choosing a password hash for new applications

Password Hashing Algorithms

all the password hashes supported by Passlib –
PasswordHash interface
examples & documentation of the common hash interface used by all the hash algorithms in Passlib.

CryptContext Objects

provides the CryptContext class, a flexible container for managing and migrating between multiple hash algorithms.
predefined CryptContext objects for managing the hashes used by MySQL, PostgreSQL, OpenLDAP, and others applications.
predefined CryptContext objects for managing the hashes found in Linux & BSD “shadow” files.

Application Helpers

classes for manipulating Apache’s htpasswd and htdigest files.
Django plugin which monkeypatches support for (almost) any hash in Passlib.

Other Documents

Modular Crypt Format
reference listing “modular crypt format” support across Unix systems.
Passlib’s release history