django-bcrypt makes it easy to use bcrypt to hash passwords with Django.
- Mercurial: http://bitbucket.org/dwaiter/django-bcrypt/
- Git: http://github.com/dwaiter/django-bcrypt/
- Documentation: http://django-bcrypt.rtfd.org/
- Issues: http://bitbucket.org/dwaiter/django-bcrypt/issues?status=new&status=open
Installation and Usage
pip install -e hg+http://bitbucket.org/dwaiter/django-bcrypt#egg=django-bcrypt # or ... pip install -e git://github.com/dwaiter/django-bcrypt.git#egg=django-bcrypt
django_bcrypt to your
Any new passwords set will be hashed with bcrypt. Old passwords will still work fine.
You can configure how django-bcrypt behaves with a few settings in your
Enables bcrypt hashing when
User.set_password() is called.
Enables bcrypt hashing when running inside Django TestCases.
False (to speed up user creation)
Number of rounds to use for bcrypt hashing. Increase this as computers get faster.
You can change the number of rounds without breaking already-hashed passwords. New
passwords will use the new number of rounds, and old ones will use the old number,
BCRYPT_MIGRATE is enabled, in which case old ones will be rehashed during
login to use the new number of rounds.
The number of rounds bcrypt actually uses is 2^N. So when this is
uses 4096 rounds.
Enables bcrypt password migration on a
check_password() call. Use this to
migrate an existing deployment (that's using the default auth) over to bcrypt.
The hash is also migrated when
This is pretty much a packaged-up version of this blog post for easier use.
It also depends on the py-bcrypt library.