Password authentication library with a focus on simplicity and ease-of-use, with support for [Argon2], [PBKDF2], and [scrypt] password hashing algorithms.
password-auth is a high-level password authentication library with a simple
interface which eliminates as much complexity and user choice as possible.
It wraps pure Rust implementations of multiple password hashing algorithms maintained by the [RustCrypto] organization, with the goal of providing a stable interface while allowing the password hashing algorithm implementations to evolve at a faster pace.
The core API consists of two functions:
generate_hash]: generates a password hash from the provided password. Theverify_password]: verifies the provided password against a password hash,
returning an error if the password is incorrect.Behind the scenes the crate uses the multi-algorithm support in the
[password-hash] crate to support multiple password hashing algorithms
simultaneously. By default it supports Argon2 (using the latest OWASP
recommended parameters 8), but it can also optionally support PBKDF2 and scrypt
by enabling crate features.
When multiple algorithms are enabled, it will still default to Argon2 for
generate_hash, but will be able to verify password hashes from PBKDF2 and
scrypt as well, if you have them in your password database.
Rust 1.65 or higher.
Minimum supported Rust version can be changed in the future, but it will be done with a minor version bump.
Licensed under either of:
at your option.
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.