Looking to store usernames and passwords in a database, and am wondering what the

Question

0

Asked: May 14, 20262026-05-14T03:37:50+00:00 2026-05-14T03:37:50+00:00

Looking to store usernames and passwords in a database, and am wondering what the

0

Looking to store usernames and passwords in a database, and am wondering what the safest way to do so is. I know I have to use a salt somewhere, but am not sure how to generate it securely or how to apply it to encrypt the password. Some sample Python code would be greatly appreciated. Thanks.

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-14T03:37:51+00:00

Store the password+salt as a hash and the salt. Take a look at how Django does it: basic docs and source.
In the db they store <type of hash>$<salt>$<hash> in a single char field. You can also store the three parts in separate fields.

The function to set the password:

def set_password(self, raw_password):
    import random
    algo = 'sha1'
    salt = get_hexdigest(algo, str(random.random()), str(random.random()))[:5]
    hsh = get_hexdigest(algo, salt, raw_password)
    self.password = '%s$%s$%s' % (algo, salt, hsh)

The get_hexdigest is just a thin wrapper around some hashing algorithms. You can use hashlib for that. Something like hashlib.sha1('%s%s' % (salt, hash)).hexdigest()

And the function to check the password:

def check_password(raw_password, enc_password):
    """
    Returns a boolean of whether the raw_password was correct. Handles
    encryption formats behind the scenes.
    """
    algo, salt, hsh = enc_password.split('$')
    return hsh == get_hexdigest(algo, salt, raw_password)

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

Looking to store usernames and passwords in a database, and am wondering what the

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply