The Passlib documentation has moved to https://passlib.readthedocs.io

passlib.hash - Password Hashing Schemes

Overview

The passlib.hash module contains all the password hash algorithms built into Passlib. While each hash has its own options and output format, they all inherit from the PasswordHash base interface. The following pages describe each hash in detail, including its format, underlying algorithm, and known security issues.

Danger

Many of the hash algorithms listed below are *NOT* secure.

Passlib supports a wide array of hash algorithms, primarily to support legacy data and systems. If you want to choose a secure algorithm for a new application, see the Quickstart Guide.

See also

PasswordHash Tutorial – for general usage examples

Unix Hashes

Aside from “archaic” schemes such as des_crypt, most of the password hashes supported by modern Unix flavors adhere to the modular crypt format, allowing them to be easily distinguished when used within the same file. The basic of format $scheme$hash has also been adopted for use by other applications and password hash schemes.

Active Unix Hashes

All the following schemes are actively in use by various Unix flavors to store user passwords They all follow the modular crypt format.

Special note should be made of the following fallback helper, which is not an actual hash scheme, but implements the “disabled account marker” found in many Linux & BSD password files:

Deprecated Unix Hashes

The following schemes are supported by various Unix systems using the modular crypt format, but are no longer considered secure, and have been deprecated in favor of the Active Unix Hashes (above).

Archaic Unix Hashes

The following schemes are supported by certain Unix systems, but are considered particularly archaic: Not only do they predate the modular crypt format, but they’re based on the outmoded DES block cipher, and are woefully insecure:

Other “Modular Crypt” Hashes

The modular crypt format is a loose standard for password hash strings which started life under the Unix operating system, and is used by many of the Unix hashes (above). However, it’s it’s basic $scheme$hash format has also been adopted by a number of application-specific hash algorithms:

Active Hashes

While most of these schemes generally require an application-specific implementation, natively used by any Unix flavor to store user passwords, they can be used compatibly along side other modular crypt format hashes:

Deprecated Hashes

The following are some additional application-specific hashes which are still occasionally seen, use the modular crypt format, but are rarely used or weak enough that they have been deprecated:

LDAP / RFC2307 Hashes

All of the following hashes use a variant of the password hash format used by LDAPv2. Originally specified in RFC 2307 and used by OpenLDAP [1], the basic format {SCHEME}HASH has seen widespread adoption in a number of programs.

Standard LDAP Schemes

The following schemes are explicitly defined by RFC 2307, and are supported by OpenLDAP.

Non-Standard LDAP Schemes

None of the following schemes are actually used by LDAP, but follow the LDAP format:

MS Windows Hashes

The following hashes are used in various places by Microsoft Windows. As they were designed for “internal” use, they generally contain no identifying markers, identifying them is pretty much context-dependant.

Cisco Hashes

Cisco IOS

The following hashes are used in various places on Cisco IOS, and are usually referred to by a Cisco-assigned “type” code:

  • passlib.hash.md5_crypt – “Type 5” hashes are actually just the standard Unix MD5-Crypt hash, the format is identical.
  • passlib.hash.cisco_type7 – “Type 7” isn’t actually a hash, but a reversible encoding designed to obscure passwords from idle view.
  • “Type 8” hashes are based on PBKDF2-HMAC-SHA256; but not currently supported by passlib (issue 87).
  • “Type 9” hashes are based on scrypt; but not currently supported by passlib (issue 87).

Cisco PIX & ASA

Separately from this, Cisco PIX & ASA firewalls have their own hash formats, generally identified by the “format” parameter in the username user password hash format config line they occur in. The following are known & handled by passlib:

  • passlib.hash.cisco_pix – PIX “encrypted” hashes use a simple unsalted MD5-based algorithm.
  • passlib.hash.cisco_asa – ASA “encrypted” hashes use a similar algorithm to PIX, with some minor improvements.
  • ASA “nt-encrypted” hashes are the same as passlib.hash.nthash, except that they use base64 encoding rather than hexadecimal.
  • ASA 9.5 added support for “pbkdf2” hashes (based on PBKDF2-HMAC-SHA512); which aren’t currently supported by passlib (issue 87).

Other Hashes

The following schemes are used in various contexts, but have formats or uses which cannot be easily placed in one of the above categories:

Footnotes

[1]OpenLDAP homepage - http://www.openldap.org/.