Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

A git mirror of django-bcrypt.

branch: master

Fetching latest commit…

Octocat-spinner-32-eaf2f5

Cannot retrieve the latest commit at this time

Octocat-spinner-32 django_bcrypt
Octocat-spinner-32 docs Doc links. August 17, 2011
Octocat-spinner-32 .hgignore
Octocat-spinner-32 .hgtags Added tag v0.9.2 for changeset 8e6510cf2c14 April 28, 2011
Octocat-spinner-32 LICENSE
Octocat-spinner-32 MANIFEST.in
Octocat-spinner-32 README.rst
Octocat-spinner-32 setup.py
README.rst

django-bcrypt

You should be using bcrypt.

django-bcrypt makes it easy to use bcrypt to hash passwords with Django.

Installation and Usage

Install the package with pip and Mercurial or git:

pip install -e hg+http://bitbucket.org/dwaiter/django-bcrypt#egg=django-bcrypt

# or ...

pip install -e git://github.com/dwaiter/django-bcrypt.git#egg=django-bcrypt

Add django_bcrypt to your INSTALLED_APPS.

That's it.

Any new passwords set will be hashed with bcrypt. Old passwords will still work fine.

Configuration

You can configure how django-bcrypt behaves with a few settings in your settings.py file.

BCRYPT_ENABLED

Enables bcrypt hashing when User.set_password() is called.

Default: True

BCRYPT_ENABLED_UNDER_TEST

Enables bcrypt hashing when running inside Django TestCases.

Default: False (to speed up user creation)

BCRYPT_ROUNDS

Number of rounds to use for bcrypt hashing. Increase this as computers get faster.

You can change the number of rounds without breaking already-hashed passwords. New passwords will use the new number of rounds, and old ones will use the old number.

Default: 12

BCRYPT_MIGRATE

Enables bcrypt password migration on a check_password() call.

The hash is also migrated when BCRYPT_ROUNDS changes.

Default: False

Acknowledgements

This is pretty much a packaged-up version of this blog post for easier use.

It also depends on the py-bcrypt library.

Something went wrong with that request. Please try again.