Skip to main content
This is a pre-production deployment of Warehouse. Changes made here affect the production instance of PyPI (
Help us improve Python packaging - Donate today!

Pure-python implementation of the SHA2 crypt(3) functions

Project Description

# python-crypt [![Build Status](](

Pure-python implementation of the crypt(3) SHA2 functions.

Useful for creating crypt-compatible hashes from non-*nixes (like Windows
and OS X), like when creating password hashes to initialize a *nix server

## Install

$ pip install pcrypt

## Usage

API is identical to the [built-in crypt]( module on *nix:

>>> import pcrypt, getpass
>>> print(pcrypt.crypt(getpass.getpass()))

If you want to override the number of rounds used for hashing, you can specify the parameter `rounds` to crypt:

>>> print(pcrypt.crypt(getpass.getpass(), rounds=50000))

The default number of rounds is 5000, same as for crypt(3).

To use SHA256 instead of the default SHA512:

>>> print(pcrypt.crypt(getpass.getpass(), pcrypt.METHOD_SHA256))

If the second argument is given it must be either an existing salt string matching the
format `$<algo>$(rounds=<rounds>$)?<salt>($<hash>)?`, or one of `pcrypt.METHOD_SHA256`
or `pcrypt.METHOD_SHA512`.

Without specifying salt manually the module will generate a new salt and use
the strongest hash function available.

As a little extra nugget, there's also a handy CLI to quickly generate a hash:

$ pcrypt -h
usage: pcrypt [-h] [-r ROUNDS] [-a {sha256,sha512}] [-s]

Compute a password hash for SHA256/SHA512 in crypt(3)-compatible format.
Password will be prompted for.

optional arguments:
-h, --help show this help message and exit
-r ROUNDS, --rounds ROUNDS
How many rounds of hashing to perform. More rounds are
slower, making it harder to reverse a hash through
brute force. Default: 5000
-a {sha256,sha512}, --algo {sha256,sha512}
Which algorithm to use. Default: sha512
-s, --single-prompt Don't ask to repeat the password

**NB**: You'd probably guess from this being a pure-python implementation of a compute-heavy operation, but I just have to say this explicitly: Do not use this for performance-critical applications! Performance is roughly five orders of magnitude slower than the plain C version.

Change log

[Unreleased] - N/A

No unreleased features as of now.

[1.0.4] - 2016-02-08

### Added
- Passwords can now be piped in to the pcrypt CLI.

[1.0.3] - 2015-12-19

Practically first release.


Release History

This version
History Node


History Node


History Node


History Node


History Node


Download Files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Filename, Size & Hash SHA256 Hash Help File Type Python Version Upload Date
(5.9 kB) Copy SHA256 Hash SHA256
Source None Feb 9, 2016

Supported By

Elastic Elastic Search Pingdom Pingdom Monitoring Dyn Dyn DNS Sentry Sentry Error Logging CloudAMQP CloudAMQP RabbitMQ Heroku Heroku PaaS Kabu Creative Kabu Creative UX & Design Fastly Fastly CDN DigiCert DigiCert EV Certificate Google Google Cloud Servers