Python implementation of the portable PHP password hashing framework

Overview
Portable PHP password hashing framework implemented in Python.

This Python implementation meant to be an exact port of the the original PHP 
version.

PHPass is used by WordPress, bbPress, Vanilla Forums, PivotX and phpBB. This 
Python port will be handy to work with user account data imported from those 
applications. You can also use this to hash passwords in your Python 
applications for sure.

The original PHP version: http://www.openwall.com/phpass/
PHP version written by Solar Designer.

Python implementation by exavolt <[email protected]>

Dependencies
------------

 * bcrypt http://www.mindrot.org/projects/py-bcrypt/ (optional)

Unlicense
---------

This is free and unencumbered software released into the public domain.

Links
-----

 * http://www.openwall.com/phpass/ - the original version in PHP
 * http://packages.python.org/passlib/ - this all-in-one password hashing 
   library supports phpass portable hashing algorithm as one of its 20 
   more algorithms
You might also like...
Patchwork UTF-8 for PHP: Extensive, portable and performant handling of UTF-8 and grapheme clusters for PHP

Patchwork UTF-8 for PHP Patchwork UTF-8 gives PHP developpers extensive, portable and performant handling of UTF-8 and grapheme clusters. It provides

🉑 Portable UTF-8 library - performance optimized (unicode) string functions for php.

🉑 Portable UTF-8 Description It is written in PHP (PHP 7+) and can work without "mbstring", "iconv" or any other extra encoding php-extension on your

🔡 Portable ASCII library - performance optimized (ascii) string functions for php.

🔡 Portable ASCII Description It is written in PHP (PHP 7+) and can work without "mbstring", "iconv" or any other extra encoding php-extension on your

Extensive, portable and performant handling of UTF-8 and grapheme clusters for PHP

Patchwork UTF-8 for PHP Patchwork UTF-8 gives PHP developpers extensive, portable and performant handling of UTF-8 and grapheme clusters. It provides

A modern, portable, easy to use crypto library.
A modern, portable, easy to use crypto library.

Sodium is a new, easy-to-use software library for encryption, decryption, signatures, password hashing and more. It is a portable, cross-compilable, i

🎲Neard is a portable WAMP software stack involving useful binaries, tools and applications for your web development.
🎲Neard is a portable WAMP software stack involving useful binaries, tools and applications for your web development.

About Neard is a portable WAMP software stack involving useful binaries, tools and applications for your web development. It also offers several versi

Portable EnderChest for PocketMine-MP 4.0 Servers
Portable EnderChest for PocketMine-MP 4.0 Servers

EnderChest Portable EnderChest for PocketMine-MP 4.0 Servers Everything can be configured via 'config.yml', the name of the enderchest, a custom sound

🌄 Perceptual image hashing for PHP
🌄 Perceptual image hashing for PHP

ImageHash A perceptual hash is a fingerprint of a multimedia file derived from various features from its content. Unlike cryptographic hash functions

🤖 Id obfuscation based on Knuth's multiplicative hashing method for PHP.
🤖 Id obfuscation based on Knuth's multiplicative hashing method for PHP.

Optimus id transformation With this library, you can transform your internal id's to obfuscated integers based on Knuth's integer hash. It is similar

Online chatting application through a logical decentralized blockchain network that stores chat information and hashing keys implemented using AJAX, JQuery, PHP, SQL, CSS, and HTML
Online chatting application through a logical decentralized blockchain network that stores chat information and hashing keys implemented using AJAX, JQuery, PHP, SQL, CSS, and HTML

Online chatting application through a logical decentralized blockchain network that stores chat information and hashing keys implemented using AJAX, JQuery, PHP, SQL, CSS, and HTML. The blockchain stores a previous hash value, current hash value, time, chat data, and a special key(nonce) used for encryption in each block (node).

Flexihash is a small PHP library which implements consistent hashing.

Flexihash Flexihash is a small PHP library which implements consistent hashing, which is most useful in distributed caching. It requires PHP5 and uses

🔒 Password Exposed Helper Function - Check if a password has been exposed in a data breach.
🔒 Password Exposed Helper Function - Check if a password has been exposed in a data breach.

🔒 Password Exposed Helper Function This PHP package provides a password_exposed helper function, that uses the haveibeenpwned.com API to check if a p

User authentication REST API with Laravel (Register, Email verification, Login, Logout, Logged user data, Change password, Reset password)

User Authentication API with Laravel This project is a user authentication REST API application that I developed by using Laravel and MySql. Setup Fir

This project is very diverse and based upon many languages and libraries such as C++, Python, JavaScript, PHP and MQTT

ADMS-Real-time-project This project is very diverse and based upon many languages and libraries such as C++, Python, JavaScript, PHP and MQTT Advance_

The C based gRPC (C++, Python, Ruby, Objective-C, PHP, C#)

gRPC - An RPC library and framework gRPC is a modern, open source, high-performance remote procedure call (RPC) framework that can run anywhere. gRPC

Ip2region is a offline IP location library with accuracy rate of 99.9% and 0.0x millseconds searching performance. DB file is ONLY a few megabytes with all IP address stored. binding for Java,PHP,C,Python,Nodejs,Golang,C#,lua. Binary,B-tree,Memory searching algorithm

Ip2region是什么? ip2region - 准确率99.9%的离线IP地址定位库,0.0x毫秒级查询,ip2region.db数据库只有数MB,提供了java,php,c,python,nodejs,golang,c#等查询绑定和Binary,B树,内存三种查询算法。 Ip2region特性

🐍 Web application made in PHP with Laravel where you can interact via API with my Snake game which is made in Python
🐍 Web application made in PHP with Laravel where you can interact via API with my Snake game which is made in Python

Snake web application Project of the web application where you can interact via API with Snake game which is available to download on it. Application

SERP Scraping API code examples for Python, PHP and Node.js

SERP Scraping API List of contents Introduction Authentication Google Baidu Bing Yandex Parameters Targets Languages License Introduction With our SER

Comments
  • Are you available for some targeted consulting work?

    Are you available for some targeted consulting work?

    I have an existing set of wordpress users and I want them to transfer over to my new flask-login based system. Can you help, Exavolt? I think I'm just not understanding the part about how the salt comes in on the original site and becomes part of the user_pass hash. Let me know!

    opened by savraj 1
  • phpass fails on some passwords ?

    phpass fails on some passwords ?

    On our project, it seems that certain passwords don't authenticate with the phpBB3 hash for that user.

    #NOTE: phpbb uses $H$ and phpass uses $P$ so we fix it here
    fixed_pwd = "$P"+ their_pwd[2:]
    testpass = phpass.PasswordHash(8, False)
    passed = testpass.check_password(self.cleaned_data['password'], fixed_pwd)
           if not passed:
                     ....
    

    self.cleaned_data['password'] is the plain text password. fixed_pwd is the hashed password from phpBB3's database. (yes, I know, bad variable name, it should be fixed_hashed) Is this a known issue ?

    *edit, just tested via the php test program from http://www.openwall.com/phpass/, and it fails there as well.

    Go ahead and close this, not your bug. :)

    opened by vexed 0
Owner
Rez
// TODO: insert bio
Rez
A password policy enforcer for PHP and JavaScript

PasswordPolicy A tool for checking and creating password policies in PHP and JS. Installation Use composer to setup an autoloader php composer.phar in

Anthony Ferrara 74 Dec 2, 2022
Compatibility with the password_* functions that ship with PHP 5.5

password_compat This library is intended to provide forward compatibility with the password_* functions that ship with PHP 5.5. See the RFC for more d

Anthony Ferrara 2.2k Dec 30, 2022
PHP Library to generate random passwords

Password Generator Library Simple library for generating random passwords. Requirements PHP >= 7.1 We only support PHP 7.3+ Installation Install Compo

Daniel Platt 256 Dec 9, 2022
Validates passwords against PHP's password_hash function using PASSWORD_DEFAULT. Will rehash when needed, and will upgrade legacy passwords with the Upgrade decorator.

Password Validator Password Validator validates password_hash generated passwords, rehashes passwords as necessary, and will upgrade legacy passwords.

Jeremy Kendall 142 Dec 25, 2022
GenPhrase is a secure passphrase generator for PHP applications.

About GenPhrase is a secure passphrase generator for PHP applications. GenPhrase is based on passwdqc's pwqgen program. See http://www.openwall.com/pa

timoh 110 Nov 30, 2022
Laravel Users (Roles & Permissions, Devices, Password Hashing, Password History).

LARAVEL USERS Roles & Permissions Devices Password Hashing Password History Documentation You can find the detailed documentation here in Laravel User

Pharaonic 8 Dec 14, 2022
The PasswordHasher component provides password hashing utilities.

PasswordHasher Component The PasswordHasher component provides secure password hashing utilities. Getting Started $ composer require symfony/password-

Symfony 482 Dec 29, 2022
Strong cryptography tools and password hashing

laminas-crypt ???? Русским гражданам Мы, участники Laminas, родились и живем в разных странах. У многих из нас есть друзья, родственники и коллеги как

Laminas Project 29 Dec 15, 2022
A comprehensive library for generating differences between two strings in multiple formats (unified, side by side HTML etc). Based on the difflib implementation in Python

PHP Diff Class Introduction A comprehensive library for generating differences between two hashable objects (strings or arrays). Generated differences

Chris Boulton 708 Dec 25, 2022
implementation of a simple Brute-force attack in python

Brute-force-attack-python implementation of a simple Brute-force attack in python using requests library who involved in this project: Python side : A

ali sharifi 5 Nov 25, 2022