New in version 1.6.
This hash is not very secure, and should mainly be used to verify existing cached credentials.
This class implements the DCC (Domain Cached Credentials) hash, used by Windows to cache and verify remote credentials when the relevant server is unavailable. It is known by a number of other names, including “mscache” and “mscash” (Microsoft CAched haSH). Security wise it is not particularly strong, as it’s little more than nthash salted with a username. It was replaced by msdcc2 in Windows Vista. This class can be used directly as follows:
>>> from passlib.hash import msdcc >>> # encrypt password using specified username >>> hash = msdcc.encrypt("password", user="Administrator") >>> hash '25fd08fa89795ed54207e6e8442a6ca0' >>> # verify correct password >>> msdcc.verify("password", hash, user="Administrator") True >>> # verify correct password w/ wrong username >>> msdcc.verify("password", hash, user="User") False >>> # verify incorrect password >>> msdcc.verify("letmein", hash, user="Administrator") False
This class implements Microsoft’s Domain Cached Credentials password hash, and follows the Password Hash Interface.
It has a fixed number of rounds, and uses the associated username as the salt.
|Parameters:||user (str) –
String containing name of user account this password is associated with. This is required to properly calculate the hash.
This keyword is case-insensitive, and should contain just the username (e.g. Administrator, not SOMEDOMAIN\Administrator).
Note that while this class outputs lower-case hexidecimal digests, it will accept upper-case digests as well.
Much like lmhash and nthash, MS DCC hashes consists of a 16 byte digest, usually encoded as 32 hexidecimal characters. An example hash (of "password" with the account "Administrator") is 25fd08fa89795ed54207e6e8442a6ca0.
The digest is calculated as follows:
This algorithm is should not be used for any purpose besides manipulating existing DCC v1 hashes, due to the following flaws:
|||Description of DCC v1 algorithm - http://openwall.info/wiki/john/MSCash|