Problem Formulation and Solution Overview
To make it more interesting, we have the following running scenario:
Below are various ways to accomplish this task.
Method 1: Use encode(), digest() and hexdigest()
This example imports Python’s built-in hashlib
library, and calls encode()
and digest()
to convert a password into an unrecognizable string.
import hashlib pwd_orig = 'dDbxr9K9i%1&'.encode() pwd_tmp = hashlib.sha256(pwd_orig) pwd_hash = pwd_tmp.digest() pwd_secure = pwd_tmp.hexdigest() print(pwd_secure)
The above code imports the hashlib
library, which contains various ways to deal with converting raw messages into an encrypted format.
Then, a password is declared, converted to a byte object using encode()
and saved to pwd_orig
. If output to the terminal, the contents would be as follows.
b'dDbxr9K9i%1&' |
π‘Note: This variable could be modified to retrieve data from a form submission where users sign up/join.
Next, hashlib.sha256()
is called and passed one (1) argument, pwd_orig
. The results save to pwd_tmp
as a hash object. If output to the terminal, the contents would be similar to below.
<sha256 _hashlib.HASH object @ 0x00000266C9183CB0> |
Then, a binary hash is generated using digest()
and saved to pwd_hash
. If output to the terminal, the contents would be as follows.
b'#\xa7\xb5\x82?\xf6\xdc\xbcE<\x195\xf51\xf7\xe0Y\xfa\xf8o\x08B\xb4\x8b\xc0]\xd4\x97\x8fx\xd5\xd3' |
To make it more readable, hexdigest()
is applied to pwd_tmp
and saved to pwd_secure
. The final output is as follows.
23a7b5823ff6dcbc453c1935f531f7e059faf86f0842b48bc05dd4978f78d5d3 |
Method 2: Use encode(), gensalt() and hashpw()
This example imports Python’s built-in hashlib
library, and calls encode()
, gensalt()
and hashpw()
to convert a password into an unrecognizable string.
import bcrypt pwd_orig = 'dDbxr9K9i%1&'.encode() pwd_salt = bcrypt.gensalt() pwd_hash = bcrypt.hashpw(pwd_orig, salt) print(pwd_hash)
The above code imports the bcrypt
library, which offers a modern password hashing option for software and servers
Then, a password is declared, converted to a byte object using encode()
and saved to pwd_orig
. If output to the terminal, the contents would be as follows.
b'dDbxr9K9i%1&' |
Next, bcrypt.gensalt()
is called and the results save to salt
. If output to the terminal, the contents would be as follows.
b'$2b$12$PX9hle0JZ/b9hIHkLrGhr.' |
π‘ Note: Salt is a fixed-length random cryptographically-based value added to hash functions to create uniqueness.
Finally, bcrypt.hashpw()
is called and passed two (2) arguments: pwd_orig
and salt
. The results save to pwd_hash
and output to the terminal.
b'$2b$12$2NBY9452IhDGRMI1Rnof1OHQrv3MuLo1aqtwOQWhZpbo7qVR6NeKq' |
Method 3: Use encode, digest(), md5() and hexdigest()
This example runs along the same lines as Method 1. However, we do something slightly different here (we use md5()
) to convert a password into an unrecognizable string.
The md5()
function method creates an object that calculates the hash value of a specified string.
import hashlib pwd_orig = 'dDbxr9K9i%1&' + 'FiNxt#r' pwd_hash = hashlib.md5(pwd_orig.encode()) pwd_hash = pwd_hash.hexdigest() print(pwd_hash)
The above code imports the hashlib
library, which contains various ways to deal with converting raw messages into an encrypted format.
Then, a password is declared and an extra value is appended ('FiNxt#r'
). The results save to pwd_orig
. If output to the terminal, the contents would be as follows.
dDbxr9K9i%1&FiNxt#r |
Next, hashlib.md5()
is called and passed one (1) argument, pwd_orig.encode()
. The results return an md5 object. If output to the terminal, the contents would be as follows.
<md5 _hashlib.HASH object @ 0x000001E88B8F3CB0> |
Then, a binary hash is generated using digest()
and saved to pwd_hash
. If output to the terminal, the contents would be as follows.
1eec076908598a2f62f6529fb22a8625 |
Bonus: One-Liner
This example uses a one-liner to accomplish the same tasks as above.
import hashlib as h;print(h.md5(b'hello world').hexdigest())
Output from the above is as follows.
f84412f77da4eadb04132dba1c5fe3c7 |
The above code takes the one-liner to a new level!
Summary
This article has provided four (4) ways to Generate a Password Hash to select the best fit for your coding requirements.
Good Luck & Happy Coding!