Clone wiki

passlib / Home

Passlib 1.7.2 is out!

We're happy to announce Passlib 1.7.2. The 1.7 series has been a while in coming, and has a lot of great improvements...

  • Argon2 & Scrypt hash support
  • TOTP support
  • PBKDF2 now has faster builtin backend, and utilizes other backends where available
  • Lots of API cleanups and internal refactoring
  • HtpasswdFile reader is now more flexible, and with improved security options.
  • Refreshed documentation

See the release notes for more details.


Passlib is a password hashing library for Python 2 & 3, which provides cross-platform implementations of over 30 password hashing algorithms, as well as a framework for managing existing password hashes. It's designed to be useful for a wide range of tasks, from verifying a hash found in /etc/shadow, to providing full-strength password hashing for multi-user application.

  • See the documentation for details, installation instructions, and examples.
  • Visit PyPI for the latest stable release. All releases are signed with the gpg key 4D8592DF4CE1ED31.

Recent Updates

  • 2019-11-22 Passlib 1.7.2 released, providing argon2 "id" support, python 3.8 compat and other fixes.
  • 2017-01-30 Passlib 1.7.1 released, providing an important fix to the cisco_asa & cisco_pix hashes.
  • 2016-11-22 Passlib 1.7.0 released, featuring a large number of fixes, updated, and new features.
  • 2015-08-04: Passlib 1.6.5 released, with some minor test suite fixes.
  • 2015-07-25: Passlib 1.6.4 released, with a handful of bug & compatibility fixes.
  • 2015-07-23: Passlib's home page has moved from google code to


A quick example of using passlib to integrate into a new application:

>>> # import the example context object under an app-specific name (so it can easily be replaced later)
>>> from passlib.apps import custom_app_context as pwd_context

>>> # encrypting a password...
>>> hash = pwd_context.hash("somepass")
>>> hash

>>> # verifying a password...
>>> ok = pwd_context.verify("somepass", hash)
>>> ok = pwd_context.verify("letmein", hash)

For more details and an extended set of examples, see the full documentation; This example barely touches on the range of features available.


Passlib's source repository uses Mercurial. When building Passlib from an hg clone, note that there are two main branches: default and stable.

  • default is the bleeding edge of the next major release. It may sometimes be of alpha quality.
  • stable is the latest released version plus any pending bugfixes, and should be safe to use in production.