:key: Idiotproof golang password validation library inspired by Python's passlib

Related tags

Cryptography passlib

passlib for go

godocs.io Build status No modules 100% modules-free.

Python's passlib is quite an amazing library. I'm not sure there's a password library in existence with more thought put into it, or with more support for obscure password formats.

This is a skeleton of a port of passlib to Go. It dogmatically adopts the modular crypt format, which passlib has excellent documentation for.

Currently, it supports:

  • Argon2i
  • scrypt-sha256
  • sha512-crypt
  • sha256-crypt
  • bcrypt
  • passlib's bcrypt-sha256 variant
  • pbkdf2-sha512 (in passlib format)
  • pbkdf2-sha256 (in passlib format)
  • pbkdf2-sha1 (in passlib format)

By default, it will hash using scrypt-sha256 and verify existing hashes using any of these schemes.

Example Usage

There's a default context for ease of use. Most people need only concern themselves with the functions Hash and Verify:

// Hash a plaintext, UTF-8 password.
func Hash(password string) (hash string, err error)

// Verifies a plaintext, UTF-8 password using a previously derived hash.
// Returns non-nil err if verification fails.
// Also returns an upgraded password hash if the hash provided is
// deprecated.
func Verify(password, hash string) (newHash string, err error)

Here's a rough skeleton of typical usage.

import "gopkg.in/hlandau/passlib.v1"

func RegisterUser() {

  password := get a (UTF-8, plaintext) password from somewhere

  hash, err := passlib.Hash(password)
  if err != nil {
    // couldn't hash password for some reason

  (store hash in database, etc.)

func CheckPassword() bool {
  password := get the password the user entered
  hash := the hash you stored from the call to Hash()

  newHash, err := passlib.Verify(password, hash)
  if err != nil {
    // incorrect password, malformed hash, etc.
    // either way, reject
    return false

  // The context has decided, as per its policy, that
  // the hash which was used to validate the password
  // should be changed. It has upgraded the hash using
  // the verified password.
  if newHash != "" {
    (store newHash in database, replacing old hash)

  return true

scrypt Modular Crypt Format

Since scrypt does not have a pre-existing modular crypt format standard, I made one. It's as follows:


...where N, r and p are the respective difficulty parameters to scrypt as positive decimal integers without leading zeroes, and salt and hash are base64-encoded binary strings. Note that the RFC 4648 base64 encoding is used (not the one used by sha256-crypt and sha512-crypt).


passlib is partially derived from Python's passlib and so maintains its BSD license.

© 2008-2012 Assurance Technologies LLC.  (Python passlib)  BSD License
© 2014 Hugo Landau <[email protected]>  BSD License
  • Add argon2 crypter

    Add argon2 crypter

    Adds an argon2 crypter and promote it as the default scheme.

    Argon2 is the winner of the password hashing competition and is now available in other languages: PHP, Javascript, Ruby etc.

    The crypter uses the pure go implementation of argon2 here: https://godoc.org/golang.org/x/crypto/argon2

    Closes #4

    opened by F21 4
  • Password migration?

    Password migration?

    First of all, thanks for this package! No nonsense, works as expected, and easy to extend. 👍

    For an app I'm working on, I wrote a small wrapper for the phpass package (used to authenticate users after a migration from Wordpress). However I'd also love to be able to migrate those users to more secure password hashes transparently as they sign in. But at the moment, Verify() only returns new hashes computed with the same algorithm as the "old" one.

    So would it be possible to either:

    • add a global (per-context) flag to "force" upgrading old hashes to the first in the context schemes?
    • or add a DeprecatedSchemes field to the passlib context that contain schemes that can be used to check passwords, but which will always trigger an upgrade to one in the normal Schemes?

    IMO the latter would be nicer. It's also similar to what the Python passlib does. What do you think? (I'm interested in writing a patch myself to implement whichever you prefer...)

    opened by Schnouki 3
  • PBKDF2 salt length is only 16 bytes?

    PBKDF2 salt length is only 16 bytes?


    A 15 year old book recommends at least 32 bytes: https://stackoverflow.com/a/9622855

    Even if you leave the salt length as-is, a code comment for SaltLength would be nice explaining the rationale.

    P.S. yesterday I coded up a super small https://github.com/function61/gokit/blob/master/storedpassword/ package. After writing it, I searched around and found your library. I got many improvements by studying this design (for example Verify() returns upgraded version automatically), and am considering on just ditching my own and using this.. only advantage my library has is that it's smaller and serialization is simpler by embedding the cost parameter in algorithm id.

    opened by joonas-fi 2
  • Add pbkdf2 derivative support in line with Pythons PassLib standards.

    Add pbkdf2 derivative support in line with Pythons PassLib standards.

    Requires custom base64 encoding/decoding as per the ab64_* methods in Python's PassLib. Substitutes + for . in the encoded version and vice versa when decoding.

    Includes tests to verify comparability with Python generated hashes.

    Includes benchmarks to compare derivatives.

    Adds all deriviatives to default verify context.

    Update README.md to include new methods and create a standard list to make it easier to read. Also remove TODO item.

    opened by tomtom5152 2
  • It should be possible to set DefaultSchemes using strings

    It should be possible to set DefaultSchemes using strings

    If you're building a piece of software that plugs in to existing systems, you need to be able to configure the set of hashes that passlib will use, since unless you're using passlib (or maybe the Python version of passlib) everywhere, the chances are that the set of hashes that are supported is smaller than that supported by passlib, and you don't want passlib "upgrading" to a hash that other system components don't support.

    It's possible, of course, to import all the sub-packages in passlib and build a DefaultSchemes array yourself, but really there should be functionality in passlib to allow you to pass in a list of string tokens that passlib then converts to abstract.Schemes itself.

    opened by al45tair 1
  • Example of how to change the hashing scheme from user code

    Example of how to change the hashing scheme from user code

    Can you please provide a simple example of how to change the hashing scheme preference from the user code. I am trying to create a Context with different order but as soon as I import the hashing packages, I start getting duplicate exported symbol errors.

    opened by kuchlous 1
  • Metrics


    I almost decided to use this library (and contribute PBKDF2). Then I found dependency on your metrics library. I like metrics too, but I don't think that hard dependency inside library (as apposed to application) is a good thing. Please consider to remove it.

    opened by AlekSi 1
Hugo Landau
Hugo Landau
Public key derivator for ECDSA (without knowledge of the private key)

A proof of concept of a public key derivation for ECDSA (without knowledge of the private key) It is a demonstration of how to implement a simple key

null 0 Nov 9, 2022
A convenience library for generating, comparing and inspecting password hashes using the scrypt KDF in Go 🔑

simple-scrypt simple-scrypt provides a convenience wrapper around Go's existing scrypt package that makes it easier to securely derive strong keys ("h

Matt Silverlock 183 Dec 22, 2022
Slides about IOTA transactions, validation and consensus


null 107 Oct 14, 2022
A simple and lightweight encrypted password manager written in Go.

Osiris Password Manager A simple and lightweight encrypted password manager written in Go

null 32 Jun 16, 2022
Secret - Encrypt anything with a password

Secret - Encrypt anything with a password Ever wanted to hide a file? Now you can do it really easily! Usage secret {-e/--encrypt | -d/--decrypt} <sou

Ishan Goel 32 Aug 10, 2022
 🚀 cpwd is create password tool

cpwd ?? cpwd is create password tool Install source code git clone https://github.com/songqii/cpwd_code.git cd $GOPATH/src/cpwd_code go build brew br

absolute-SQ 1 Dec 29, 2021
Use the HashPassword function to generate a hashed value for the provided password

hasher Use the 'HashPassword' function to generate a hashed value for the provided password. h, err := hasher.HashPassword("password") // h == XohImNo

null 0 Nov 1, 2021
Blooming Password

Blooming Password A program that implements the NIST 800-63-3b Banned Password Check using a bloom filter built from the Have I been pwned SHA1 passwo

Predrag Cujanović 3 Oct 13, 2022
eval the strength of a password

mpasswordeval eval the strength of a password 校验密码的安全性 包含以下几点校验 常规规则校验 密码长度 (必须指定) 是否包含数字 是否包含大写字母 是否包含小写字母 是否包含特殊符号 是否通过zxcvbn 是否通过pwned 是否在常用弱密码 使用示

jiamingm 2 Nov 22, 2022
profane password? generator

profaneword profane password generator (probably insecure), as suggested by u/gatestone. This is still missing some requirements: special characters e

Mikkel Hofstedt Juul 3 Apr 21, 2022
A tiny secure-random password generator

go-psw A tiny golang tool for generating a crypto-random password in a terminal. Installation go install github.com/hedhyw/go-psw/cmd/[email protected] Usage

Maxim Krivchun 1 Jun 23, 2022
Mini Blockchain Implementation In Golang Inspired by Go-Ethereum🚀

JP Blockchain ?? ?? Mini Blockchain Implementation In Golang Inspired by Go Ethereum & BlockChain Bar by Lukas (Web3Coach) Features Working Core Compo

Oren Leung 4 Aug 8, 2022
Sekura is an Encryption tool that's heavily inspired by the Rubberhose file system.

It allows for multiple, independent file systems on a single disk whose existence can only be verified if you posses the correct password.

null 52 Oct 16, 2022
A multiformat-inspired go module for working with multiple kinds of keypairs.

A multiformat-inspired go module for working with multiple kinds of keypairs.

kubelt 24 Apr 4, 2022
Loosely inspired by Terry A. Davis's gw, orgone is a command line Orgone energy accumulator

┌─────────┬─────────┬─────────┬─────────┬─────────┬─────────┐ │ │ │

cat K. 2 Jun 19, 2022
An easy-to-use XChaCha20-encryption wrapper for io.ReadWriteCloser (even lossy UDP) using ECDH key exchange algorithm, ED25519 signatures and Blake3+Poly1305 checksums/message-authentication for Go (golang). Also a multiplexer.

Quick start Prepare keys (on both sides): [ -f ~/.ssh/id_ed25519 ] && [ -f ~/.ssh/id_ed25519.pub ] || ssh-keygen -t ed25519 scp ~/.ssh/id_ed25519.pub

null 26 Dec 30, 2022
Proof of History in Golang. Taking key concepts from the Solana whitepaper and providing examples in Go

Proof of History - Concepts in Go ________ ________ ___ ___ |\ __ \|\ __ \|\ \|\ \ \ \ \|\ \ \ \|\ \ \ \\\ \

Ben Duncan 8 Oct 13, 2022
sops is an editor of encrypted files that supports YAML, JSON, ENV, INI and BINARY formats and encrypts with AWS KMS, GCP KMS, Azure Key Vault, age, and PGP

sops is an editor of encrypted files that supports YAML, JSON, ENV, INI and BINARY formats and encrypts with AWS KMS, GCP KMS, Azure Key Vault, age, and PGP. (demo)

Mozilla 11.7k Jan 9, 2023
generate a chia address by public key, chia公钥生成地址

chia-address-generator This repo is a hack way to generate an address from publicKey. So it's not a good enough way to use it in prod, use it just for

chuwt 3 Mar 9, 2022