Collection of password hashing algorithms, otherwise known as password-based key derivation functions, written in pure Rust.

Algorithm	Crate	Crates.io	Documentation	MSRV
Argon2	argon2
Balloon	balloon‑hash
bcrypt‑pbkdf	bcrypt‑pbkdf
PBKDF2	pbkdf2
scrypt	scrypt
SHA-crypt	sha‑crypt

Please see the OWASP Password Storage Cheat Sheet for assistance in selecting an appropriate algorithm for your use case.

The following code example shows how to verify a password when stored using one of many possible password hashing algorithms implemented in this repository.

use password_hash::{PasswordHash, PasswordVerifier};

use argon2::Argon2;
use pbkdf2::Pbkdf2;
use scrypt::Scrypt;

// Can be: `$argon2`, `$pbkdf2`, or `$scrypt`
let hash_string = "$argon2i$v=19$m=65536,t=1,p=1$c29tZXNhbHQAAAAAAAAAAA$+r0d29hqEB0yasKr55ZgICsQGSkl0v0kgwhd+U3wyRo";
let input_password = "password";

let password_hash = PasswordHash::new(&hash_string).expect("invalid password hash");

// Trait objects for algorithms to support
let algs: &[&dyn PasswordVerifier] = &[&Argon2::default(), &Pbkdf2, &Scrypt];

password_hash.verify_password(algs, input_password).expect("invalid password");

MSRV bumps are considered breaking changes and will be performed only with minor version bump.

All crates licensed under either of

• Apache License, Version 2.0
• MIT license

at your option.

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.