How to Implement Password Hashing in Python

 πŸ” What is Password Hashing?

Password hashing converts a plain text password into a fixed, scrambled string using a one-way function. This helps store passwords securely — even if someone accesses the database, they can't easily get the original password.


✅ Recommended Library: bcrypt

bcrypt is a popular Python library for hashing passwords. It’s secure and easy to use.


πŸ”§ Step-by-Step Guide

1. Install bcrypt (if not already installed):

bash

Copy

Edit

pip install bcrypt

2. Hash a Password

python

Copy

Edit

import bcrypt


# Plain text password (e.g., from user input)

password = "my_secure_password"


# Convert to bytes

password_bytes = password.encode('utf-8')


# Generate a salt and hash the password

hashed = bcrypt.hashpw(password_bytes, bcrypt.gensalt())


print("Hashed password:", hashed)

πŸ” The result will look like:

b'$2b$12$wVQKqG5yUVz7UZRxrI5YDeSR2Tu5RAuPcv8ya8Y1BzN.9EOgJ5Vpu'


3. Verify a Password (Login Scenario)

python

Copy

Edit

# User enters password during login

entered_password = "my_secure_password"

entered_password_bytes = entered_password.encode('utf-8')


# Check if the entered password matches the stored hash

if bcrypt.checkpw(entered_password_bytes, hashed):

    print("Password is correct!")

else:

    print("Password is incorrect.")

⚠️ Important Tips

Always store only the hashed password in your database — never plain text.


Do not try to "decrypt" a hash. Hashing is a one-way process.


Use a unique salt (bcrypt handles this for you) to protect against rainbow table attacks.


πŸ“Œ Summary

Action Code

Hash password bcrypt.hashpw()

Verify password bcrypt.checkpw()

Store in DB Store the output of hashpw() as bytes or string

Learn Full Stack Python Course in Hyderabad

Read More

Understanding OAuth2 in Full Stack Python Applications

Building Secure Login and Registration Systems with Python

Understanding CSRF Protection in Django for Full Stack Python Apps

Full Stack Python: Protecting Your Application from SQL Injection

Visit Our IHUB Talent Training Institute in Hyderabad

Get Directions

Comments

Post a Comment

Popular posts from this blog

How to Install and Set Up Selenium in Python (Step-by-Step)

 Here’s your step-by-step guide to installing and setting up Selenium in Python — perfect if you're just getting started with browser automation. πŸš€ 🐍 Step 1: Install Python If you haven’t already: Download Python: https://www.python.org/downloads/ Make sure to check the box "Add Python to PATH" during installation Verify installation: bash Copy Edit python --version pip --version πŸ“¦ Step 2: Install Selenium Library Open your terminal or command prompt and run: bash Copy Edit pip install selenium To verify: bash Copy Edit pip show selenium 🌐 Step 3: Download WebDriver for Your Browser Depending on what browser you want to automate: πŸ”Ή Chrome: Download ChromeDriver: ➡️ https://sites.google.com/chromium.org/driver/ Make sure the driver version matches your installed Chrome version. πŸ”Ή Firefox: Download GeckoDriver: ➡️ https://github.com/mozilla/geckodriver/releases Unzip and place the executable somewhere on your system, like: Windows: C:\WebDrivers\ Mac/Linux: /usr/local...
Read more

Tosca for API Testing: A Step-by-Step Tutorial

Tosca for API Testing: A Step-by-Step Tutorial Tricentis Tosca is a powerful and user-friendly test automation tool that supports a wide range of testing types — including API testing. With Tosca, you can easily design, automate, and execute API tests without writing any code. It supports REST, SOAP, and other service types, making it a great choice for end-to-end API validation. 🧰 What is Tosca API Testing? Tosca’s API testing allows testers to: Send requests (GET, POST, PUT, DELETE, etc.) Validate responses (status codes, body, headers) Chain requests and share data between them Perform security, load, and functional tests on APIs ✅ Step-by-Step Guide: Tosca API Testing πŸ”Ή Step 1: Open Tosca and Create a Workspace Launch Tosca Commander Create a new workspace (or open an existing one) Choose the workspace type as Multi-user or Single-user based on your setup πŸ”Ή Step 2: Add a New API Test Case Navigate to the Modules section. Right-click and choose Scan > API Scan. The API Scan wi...
Read more

Feeling Stuck in Manual Testing? Here’s Why You Should Learn Automation Testing

Feeling Stuck in Manual Testing? Here’s Why You Should Learn Automation Testing Are you feeling like your manual testing career is hitting a ceiling? You’re not alone. Many QA professionals start their careers in manual testing but soon realize the need to level up. If you’re wondering what’s next, automation testing might just be the breakthrough you need. Why Manual Testing Isn’t Enough Anymore Manual testing is essential, especially in exploratory, usability, and ad-hoc testing scenarios. But as applications grow more complex and development cycles become shorter, manual testing can’t keep up. Companies are looking for faster, more efficient testing methods—and that’s where automation comes in. Here are a few signs that you're stuck in manual testing: Repeating the same test cases for every build Working on tight deadlines with limited test coverage Seeing peers move ahead with automation skills Lack of growth in responsibilities or pay scale If any of this sounds familiar, it...
Read more