Home/ Questions/Q 7054025
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-28T03:34:34+00:00

import bcrypt hashedstring = bcrypt.gensalt() password = bcrypt.hashpw(password,hashedstring) Should I save the hashedstring everytime

  • 0
import bcrypt

hashedstring = bcrypt.gensalt()
password = bcrypt.hashpw(password,hashedstring)

Should I save the hashedstring everytime in the database table field to login succeesfully next time getting the hashed string?

Or should I use a static pre-generated hashed string in code?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    The salt you use to hash the password is stored in the resulting hash – this means there is no need to store it in the database, as it can be recovered from the hash.

    According to the project page, this can be done like so:

    # Store a hash.
import bcrypt
hashed = bcrypt.hashpw(password, bcrypt.gensalt())
store_in_db(user, hashed) #Where user is the user to load the hash for, and store_in_db does what it says on the tin.

# Check against an existing hash
import bcrypt
hashed = load_from_db(user) # (get the password of the user from database) Where user is the user to load the hash for, and load_from_db does what it says on the tin.
if bcrypt.hashpw(password, hashed) == hashed: # Where password is a plaintext password attempt.
        print "It matches"
else:
        print "It does not match"

    And yes, you should use a different salt for each value – which BCrypt’s design encourages.

    • 0