kade/password-hashes
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
Password hashing functions / KDFs
727 commits 1 branch 0 tags 1.8 MiB
  • Rust 100%
Find a file
Exact
Repository files (latest commit first)
Filename Latest commit message Latest commit date
Reynard User a3a8b93894 chore: sync dependencies (monorepo)
2026-04-06 20:08:07 +02:00
.readme chore: sync dependencies (monorepo) 2026-04-03 18:05:07 +02:00
argon2 chore: sync dependencies (monorepo) 2026-04-06 15:17:22 +02:00
balloon-hash chore: sync dependencies (monorepo) 2026-04-06 15:17:22 +02:00
bcrypt-pbkdf chore: sync dependencies (monorepo) 2026-04-06 15:17:22 +02:00
benches chore: sync dependencies (monorepo) 2026-03-25 17:28:54 +01:00
fuzz chore: sync dependencies (monorepo) 2026-03-30 09:25:48 +02:00
password-auth chore: sync dependencies (monorepo) 2026-04-06 15:17:22 +02:00
pbkdf2 chore: sync dependencies (monorepo) 2026-04-06 15:17:22 +02:00
scrypt chore: sync dependencies (monorepo) 2026-04-06 15:17:22 +02:00
sha-crypt chore: sync dependencies (monorepo) 2026-04-06 15:17:22 +02:00
yescrypt chore: sync dependencies (monorepo) 2026-04-06 15:17:22 +02:00
.gitignore Bump password-hash to v0.6.0-rc.2 (#737) 2025-11-05 15:14:25 -07:00
Cargo.toml chore: sync dependencies (monorepo) 2026-04-06 15:17:22 +02:00
README.md chore: sync dependencies (monorepo) 2026-04-03 18:05:07 +02:00

README.md

RustCrypto: Password Hashes

Collection of password hashing algorithms, otherwise known as password-based key derivation functions, written in pure Rust.

Supported Algorithms

Algorithm Crate Crates.io Documentation MSRV
[Argon2] [argon2] crates.io Documentation ![MSRV 1.85][msrv-1.85]
[Balloon] [balloonhash] crates.io Documentation ![MSRV 1.85][msrv-1.85]
[bcryptpbkdf] [bcryptpbkdf] crates.io Documentation ![MSRV 1.85][msrv-1.85]
[PBKDF2] [pbkdf2] crates.io Documentation ![MSRV 1.85][msrv-1.85]
[scrypt] [scrypt] crates.io Documentation ![MSRV 1.85][msrv-1.85]
[SHA-crypt] [shacrypt] crates.io Documentation ![MSRV 1.85][msrv-1.85]
[yescrypt] [yescrypt] crates.io Documentation ![MSRV 1.85][msrv-1.85]

Please see the [OWASP Password Storage Cheat Sheet] for assistance in selecting an appropriate algorithm for your use case.

Usage

The following code example shows how to verify a password when stored using one of many possible password hashing algorithms implemented in this repository.

# fn main() -> Result<(), Box<dyn core::error::Error>> {
use password_hash::{PasswordVerifier, PasswordHash};

use argon2::Argon2;
use pbkdf2::Pbkdf2;
use scrypt::Scrypt;

// Can be: `$argon2`, `$pbkdf2`, or `$scrypt`
let hash_string = "$argon2i$v=19$m=65536,t=1,p=1$c29tZXNhbHQAAAAAAAAAAA$+r0d29hqEB0yasKr55ZgICsQGSkl0v0kgwhd+U3wyRo";
let input_password = "password";

let password_hash = PasswordHash::new(&hash_string)?;

// Trait objects for algorithms to support
let algs: &[&dyn PasswordVerifier<PasswordHash>] = &[
    &Argon2::default(),
    &Pbkdf2::default(),
    &Scrypt::default()
];

for alg in algs {
    if alg.verify_password(input_password.as_ref(), &password_hash).is_ok() {
        return Ok(());
    }
}

// If we get here, the password is invalid
# Err(Box::new(password_hash::Error::PasswordInvalid))
# }

Minimum Supported Rust Version (MSRV) Policy

MSRV bumps are considered breaking changes and will be performed only with minor version bump.

License

All crates licensed under either of

at your option.

Contribution

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.