Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Thin wrapper around the bcrypt library.

branch: master

Fetching latest commit…

Octocat-spinner-32-eaf2f5

Cannot retrieve the latest commit at this time

Octocat-spinner-32 bkrypt
Octocat-spinner-32 .gitignore
Octocat-spinner-32 LICENSE
Octocat-spinner-32 README.md
Octocat-spinner-32 setup.py
README.md

BKrypt

Wrapper around python-bcrypt to provide simple access to the future-proof BCrypt algorithms, for password hashing.

Generating a password hash

>>> from bkrypt import Password
>>> p = Password.create('my secret password')
>>> print(p)
$2a$04$I2KuvSCq4pF/xJeSieLcsO.xs204lqy1IuakktiI/PZxv7OwIAoWS

To get the hash string out, use p.hash or str(p).

Checking password correctness

>>> from bkrypt import Password
>>> p = Password('$2a$04$I2KuvSCq4pF/xJeSieLcsO.xs204lqy1IuakktiI/PZxv7OwIAoWS')
>>> p == 'foo'
False
>>> p == 'my secret password'
True

About the hashes

Generating stronger hashes

Note that generating a password hash for the same password will result in different hashes every time:

>>> for i in range(0, 3):
...     p = Password.create('my secret password')
...     print(p)
...
$2a$04$eddbs9i/v3xuVei.d0CPaOL7g3spzxJ/z0.naES1jjI77kFpinvfK
$2a$04$E0hc67qJ8A1xOf4IdkKpteM5o1A7sQE7PvgaC1j1HgDAXkJUagQhS
$2a$04$AYPR70TyYUXN5A9Cl6wYn.ScDSGQYPwYgi.ZkBPvkI8SOQSrF.d.u

Generating stronger hashes

To generate stronger hashes, use increased strength (12 is default). Both generating and checking then takes significantly longer, by the very design of the BCrypt algorithm, that is.

>>> p = Password.create('my secret password', strength=15)
$2a$15$3LyRjuAzvX7i8uvFbwOk4ueZ0YrS4jAj3RiRsqBX5XTJlIRJrqDZ2

Installation

The usual stuff.

$ pip install bkrypt
Something went wrong with that request. Please try again.