Passlib 1.7.2 is out!
We're happy to announce Passlib 1.7.2. The 1.7 series has been a while in coming, and has a lot of great improvements...
- Argon2 & Scrypt hash support
- TOTP support
- PBKDF2 now has faster builtin backend, and utilizes other backends where available
- Lots of API cleanups and internal refactoring
- HtpasswdFile reader is now more flexible, and with improved security options.
- Refreshed documentation
See the release notes for more details.
Passlib is a password hashing library for Python 2 & 3, which provides cross-platform implementations of over 30 password hashing algorithms, as well as a framework for managing existing password hashes. It's designed to be useful for a wide range of tasks, from verifying a hash found in /etc/shadow, to providing full-strength password hashing for multi-user application.
- 2019-11-22 Passlib 1.7.2 released, providing argon2 "id" support, python 3.8 compat and other fixes.
- 2017-01-30 Passlib 1.7.1 released, providing an important fix to the cisco_asa & cisco_pix hashes.
- 2016-11-22 Passlib 1.7.0 released, featuring a large number of fixes, updated, and new features.
- Additionally, the documentation has moved from pythonhosted.org to https://passlib.readthedocs.io
- 2015-08-04: Passlib 1.6.5 released, with some minor test suite fixes.
- 2015-07-25: Passlib 1.6.4 released, with a handful of bug & compatibility fixes.
- 2015-07-23: Passlib's home page has moved from google code to http://bitbucket.org/ecollins/passlib.
A quick example of using passlib to integrate into a new application:
>>> # import the example context object under an app-specific name (so it can easily be replaced later) >>> from passlib.apps import custom_app_context as pwd_context >>> # encrypting a password... >>> hash = pwd_context.hash("somepass") >>> hash '$6$rounds=36122$kzMjVFTjgSVuPoS.$zx2RoZ2TYRHoKn71Y60MFmyqNPxbNnTZdwYD8y2atgoRIp923WJSbcbQc6Af3osdW96MRfwb5Hk7FymOM6D7J1' >>> # verifying a password... >>> ok = pwd_context.verify("somepass", hash) True >>> ok = pwd_context.verify("letmein", hash) False
For more details and an extended set of examples, see the full documentation; This example barely touches on the range of features available.
- Homepage - https://bitbucket.org/ecollins/passlib
- Documentation - https://passlib.readthedocs.io
- Mailing list - https://groups.google.com/group/passlib-users
- Downloads - https://pypi.python.org/pypi/passlib
- Source - https://bitbucket.org/ecollins/passlib/src
- Issues - https://bitbucket.org/ecollins/passlib/issues
- Roadmap - https://bitbucket.org/ecollins/passlib/wiki/Roadmap
Passlib's source repository uses Mercurial. When building Passlib from an hg clone, note that there are two main branches: default and stable.
- default is the bleeding edge of the next major release. It may sometimes be of alpha quality.
- stable is the latest released version plus any pending bugfixes, and should be safe to use in production.