Acceptable password hashing for your software and your servers (but you should really use argon2id or scrypt)
To install bcrypt, simply:
$ pip install bcrypt
Note that bcrypt should build very easily on Linux provided you have a C compiler and a Rust compiler (the minimum supported Rust version is 1.56.0).
For Debian and Ubuntu, the following command will ensure that the required dependencies are installed:
$ sudo apt-get install build-essential cargo
For Fedora and RHEL-derivatives, the following command will ensure that the required dependencies are installed:
$ sudo yum install gcc cargo
For Alpine, the following command will ensure that the required dependencies are installed:
$ apk add --update musl-dev gcc cargo
While bcrypt remains an acceptable choice for password storage, depending on your specific use case you may also want to consider using scrypt (either via standard library or cryptography) or argon2id via argon2_cffi.
- Bump Rust dependency versions - this should resolve crashes on Python 3.13 free-threaded builds.
- We no longer build
manylinux
wheels for PyPy 3.9.
- Bump Rust dependency versions
- Removed the
BCRYPT_ALLOW_RUST_163
environment variable.
- Bump Rust dependency versions
- Publish both
py37
andpy39
wheels. This should resolve some errors relating to initializing a module multiple times per process.
- Fixed the type signature on the
kdf
method. - Fixed packaging bug on Windows.
- Fixed incompatibility with passlib package detection assumptions.
- Dropped support for Python 3.6.
- Bumped MSRV to 1.64. (Note: Rust 1.63 can be used by setting the
BCRYPT_ALLOW_RUST_163
environment variable)
- We now build PyPy
manylinux
wheels. - Fixed a bug where passing an invalid
salt
tocheckpw
could result in apyo3_runtime.PanicException
. It now correctly raises aValueError
.
bcrypt
is now implemented in Rust. Users building from source will need to have a Rust compiler available. Nothing will change for users downloading wheels.- We no longer ship
manylinux2010
wheels. Users should upgrade to the latestpip
to ensure this doesn’t cause issues downloading wheels on their platform. We now shipmanylinux_2_28
wheels for users on new enough platforms. NUL
bytes are now allowed in inputs.
- Fixed packaging of
py.typed
files in wheels so thatmypy
works.
- Added support for compilation on z/OS
- The next release of
bcrypt
with be 4.0 and it will require Rust at compile time, for users building from source. There will be no additional requirement for users who are installing from wheels. Users on most platforms will be able to obtain a wheel by making sure they have an up to datepip
. The minimum supported Rust version will be 1.56.0. - This will be the final release for which we ship
manylinux2010
wheels. Going forward the minimum supported manylinux ABI for our wheels will bemanylinux2014
. The vast majority of users will continue to receivemanylinux
wheels provided they have an up to datepip
.
- Added typehints for library functions.
- Dropped support for Python versions less than 3.6 (2.7, 3.4, 3.5).
- Shipped
abi3
Windows wheels (requires pip >= 20).
- Set a
setuptools
lower bound for PEP517 wheel building. - We no longer distribute 32-bit
manylinux1
wheels. Continuing to produce them was a maintenance burden.
- Added support for compilation on Haiku.
- Added support for compilation on AIX.
- Dropped Python 2.6 and 3.3 support.
- Switched to using
abi3
wheels for Python 3. If you are not getting a wheel on a compatible platform please upgrade yourpip
version.
- Fixed compilation with mingw and on illumos.
- Fixed a compilation issue on Solaris.
- Added a warning when using too few rounds with
kdf
.
- Fixed a compile issue affecting big endian platforms.
- Fixed invalid escape sequence warnings on Python 3.6.
- Fixed building in non-UTF8 environments on Python 2.
- Resolved a
UserWarning
when used withcffi
1.8.3.
- Added support for
checkpw
, a convenience method for verifying a password. - Ensure that you get a
$2y$
hash when you input a$2y$
salt. - Fixed a regression where
$2a
hashes were vulnerable to a wraparound bug. - Fixed compilation under Alpine Linux.
- Switched the C backend to code obtained from the OpenBSD project rather than openwall.
- Added support for
bcrypt_pbkdf
via thekdf
function.
- Added support for an adjustible prefix when calling
gensalt
. - Switched to CFFI 1.0+
Hashing and then later checking that a password matches the previous hashed password is very simple:
>>> import bcrypt
>>> password = b"super secret password"
>>> # Hash a password for the first time, with a randomly-generated salt
>>> hashed = bcrypt.hashpw(password, bcrypt.gensalt())
>>> # Check that an unhashed password matches one that has previously been
>>> # hashed
>>> if bcrypt.checkpw(password, hashed):
... print("It Matches!")
... else:
... print("It Does not Match :(")
As of 3.0.0 bcrypt
now offers a kdf
function which does bcrypt_pbkdf
.
This KDF is used in OpenSSH's newer encrypted private key format.
>>> import bcrypt
>>> key = bcrypt.kdf(
... password=b'password',
... salt=b'salt',
... desired_key_bytes=32,
... rounds=100)
One of bcrypt's features is an adjustable logarithmic work factor. To adjust
the work factor merely pass the desired number of rounds to
bcrypt.gensalt(rounds=12)
which defaults to 12):
>>> import bcrypt
>>> password = b"super secret password"
>>> # Hash a password for the first time, with a certain number of rounds
>>> hashed = bcrypt.hashpw(password, bcrypt.gensalt(14))
>>> # Check that a unhashed password matches one that has previously been
>>> # hashed
>>> if bcrypt.checkpw(password, hashed):
... print("It Matches!")
... else:
... print("It Does not Match :(")
Another one of bcrypt's features is an adjustable prefix to let you define what
libraries you'll remain compatible with. To adjust this, pass either 2a
or
2b
(the default) to bcrypt.gensalt(prefix=b"2b")
as a bytes object.
As of 3.0.0 the $2y$
prefix is still supported in hashpw
but deprecated.
The bcrypt algorithm only handles passwords up to 72 characters, any characters
beyond that are ignored. To work around this, a common approach is to hash a
password with a cryptographic hash (such as sha256
) and then base64
encode it to prevent NULL byte problems before hashing the result with
bcrypt
:
>>> password = b"an incredibly long password" * 10
>>> hashed = bcrypt.hashpw(
... base64.b64encode(hashlib.sha256(password).digest()),
... bcrypt.gensalt()
... )
This library should be compatible with py-bcrypt and it will run on Python 3.6+, and PyPy 3.
bcrypt
follows the same security policy as cryptography, if you
identify a vulnerability, we ask you to contact us privately.