class documentation

class PBKDF2PasswordHasher(BasePasswordHasher):

Known subclasses: django.contrib.auth.hashers.PBKDF2SHA1PasswordHasher

View In Hierarchy

Secure password hashing using the PBKDF2 algorithm (recommended)

Configured to use PBKDF2 + HMAC + SHA256. The result is a 64 byte binary string. Iterations may be changed safely but you must rename the algorithm if you change SHA256.

Method decode Return a decoded database value.
Method encode Create an encoded database value.
Method harden​_runtime Bridge the runtime gap between the work factor supplied in encoded and the work factor suggested by this hasher.
Method must​_update Undocumented
Method safe​_summary Return a summary of safe values.
Method verify Check if the given password is correct.
Class Variable algorithm Undocumented
Class Variable iterations Undocumented

Inherited from BasePasswordHasher:

Method ​_check​_encode​_args Undocumented
Method ​_load​_library Undocumented
Method salt Generate a cryptographically secure nonce salt in ASCII with an entropy of at least salt_entropy bits.
Class Variable library Undocumented
Class Variable salt​_entropy Undocumented
def decode(self, encoded):

Return a decoded database value.

The result is a dictionary and should contain algorithm, hash, and salt. Extra keys can be algorithm specific like iterations or work_factor.

def encode(self, password, salt, iterations=None):

Create an encoded database value.

The result is normally formatted as "algorithm$salt$hash" and must be fewer than 128 characters.

def harden_runtime(self, password, encoded):

Bridge the runtime gap between the work factor supplied in encoded and the work factor suggested by this hasher.

Taking PBKDF2 as an example, if encoded contains 20000 iterations and self.iterations is 30000, this method should run password through another 10000 iterations of PBKDF2. Similar approaches should exist for any hasher that has a work factor. If not, this method should be defined as a no-op to silence the warning.

def must_update(self, encoded):
def safe_summary(self, encoded):

Return a summary of safe values.

The result is a dictionary and will be used where the password field must be displayed to construct a safe representation of the password.

def verify(self, password, encoded):
Check if the given password is correct.
iterations: int =

Undocumented