Django support multiple password hash algorithm, however two hash that it support but not come out of the box are Argon2 and Bcrypt. This post will show how we can make for a better Django Password hasher our project.
Installing Argon2 Library
We can install the Argon2 library as follow
pipenv install django[argon2]
pipenv lock -r > requirements.txt
Update Settings
in your settings.py just add the following line
PASSWORD_HASHERS = [
'django.contrib.auth.hashers.Argon2PasswordHasher',
'django.contrib.auth.hashers.PBKDF2PasswordHasher',
'django.contrib.auth.hashers.PBKDF2SHA1PasswordHasher',
'django.contrib.auth.hashers.BCryptSHA256PasswordHasher',
]
That's it and now your password is being hash with a much better password hasher.
End
With just 2 simple steps, your user password is being hash with a better password hasher. Why not just implement this in your project, as you got nothing to loose and so many to gain.
Latest comments (0)