Make Django use bcrypt for hashing passwords.

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for scjody from gravatar.com scjody Avatar for sfllaw from gravatar.com sfllaw Avatar for stevelosh from gravatar.com stevelosh

Unverified details

These details have not been verified by PyPI
Project links
Meta

Project description

You should be using bcrypt.

django-bcrypt makes it easy to use bcrypt to hash passwords with Django.

Installation and Usage

Install the package with pip and Mercurial or git:

pip install -e hg+http://bitbucket.org/dwaiter/django-bcrypt#egg=django-bcrypt

# or ...

pip install -e git://github.com/dwaiter/django-bcrypt.git#egg=django-bcrypt

Add django_bcrypt to your INSTALLED_APPS.

That’s it.

Any new passwords set will be hashed with bcrypt. Old passwords will still work fine.

Configuration

You can set BCRYPT_ROUNDS in settings.py to change the number of rounds django-bcrypt uses. The default is 12.

You can change the number of rounds without breaking already-hashed passwords. New passwords will use the new number of rounds, and old ones will use the old number.

Acknowledgements

This is pretty much a packaged-up version of this blog post for easier use.

It also depends on the py-bcrypt library.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page