Python modules you should know: bcrypt

April 28, 2012 at 08:05 AM | categories: Python, PyMYSK, Howto

Next in our series of Python modules you should know is bcrypt. I previously wrote about the passlib package, which you can use to manage passwords, but in some cases a fully featured password management package is not what you want. The bcrypt package is small and allows you to manage passwords using OpenBSD's BCrypt hashing scheme. It is in fact used by passlib in the background to handle BCrypt hashes.

Home page

Use

py-bcrypt is a Python wrapper of OpenBSD's Blowfish password hashing code, as described in "A Future-Adaptable Password Scheme" by Niels Provos and David Mazières.

This system hashes passwords using a version of Bruce Schneier's Blowfish block cipher with modifications designed to raise the cost of off-line password cracking and frustrate fast hardware implementation. The computation cost of the algorithm is parameterised, so it can be increased as computers get faster. The intent is to make a compromise of a password database less likely to result in an attacker gaining knowledge of the plaintext passwords (e.g. using John the Ripper).

The module allows you to safely store passwords using Python.

Installation

pip install py-bcrypt

Usage

The usage is very simple.

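import bcrypt
# generate the hash; gensalt() creates a random salt and embeds the cost factor
hashed = bcrypt.hashpw('password', bcrypt.gensalt())
# compare hash with a password: the stored hash is passed as the salt,
# so the candidate is hashed with the same salt and cost
if bcrypt.hashpw('password', hashed) == hashed:
    print("matched")
else:
    print("failed")
print(hashed)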

Output:

matched
$2a$12$rK9jIjKu3wRMEf/E6pv9uuqXFmeg.WlBA3jT7uwKb71o1ZSt1xIIW

That's it, nice and sweet.
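The hash string in the output above carries its own version, cost and salt, which is what makes the parameterised cost practical to raise over time. The following is an added example, not part of the original post or of py-bcrypt: it uses only the standard library to split a stored hash into its fields and flag hashes made below a chosen minimum cost. The names parse_bcrypt, key_setup_rounds and needs_rehash, and the min_cost policy value, are assumptions made for illustration.

```python
import re
from collections import namedtuple

# Layout: $<version>$<2-digit cost>$<22-char salt><31-char checksum>
_BCRYPT_RE = re.compile(
    r"\$(2[abxy]?)\$(\d{2})\$([./A-Za-z0-9]{22})([./A-Za-z0-9]{31})"
)

BcryptHash = namedtuple("BcryptHash", "version cost salt checksum")


def parse_bcrypt(hashed):
    """Split a bcrypt hash string into fields; raise ValueError if malformed."""
    m = _BCRYPT_RE.fullmatch(hashed)
    if m is None:
        raise ValueError("not a bcrypt hash string")
    cost = int(m.group(2))
    if not 4 <= cost <= 31:  # cost range bcrypt accepts
        raise ValueError("bcrypt cost out of range: %d" % cost)
    return BcryptHash(m.group(1), cost, m.group(3), m.group(4))


def key_setup_rounds(hashed):
    """Work done per guess grows as 2 ** cost key-schedule iterations."""
    return 2 ** parse_bcrypt(hashed).cost


def needs_rehash(hashed, min_cost):
    """True if the stored hash was created below the current cost policy.

    A caller would re-hash the password with a fresh salt at the higher cost
    after the next successful login, when the plaintext is available.
    """
    return parse_bcrypt(hashed).cost < min_cost


# The hash printed in the post, reused here as sample input.
SAMPLE = "$2a$12$rK9jIjKu3wRMEf/E6pv9uuqXFmeg.WlBA3jT7uwKb71o1ZSt1xIIW"

if __name__ == "__main__":
    h = parse_bcrypt(SAMPLE)
    print("version=%s cost=%d salt=%s" % (h.version, h.cost, h.salt))
    print("iterations:", key_setup_rounds(SAMPLE))
    print("rehash at min_cost=13 (assumed policy):", needs_rehash(SAMPLE, 13))
```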

