Created
May 2, 2024 22:32
-
-
Save lucasrcezimbra/69286c9f1cbdb355e242990d2bc85e02 to your computer and use it in GitHub Desktop.
Django password hashers time comparison
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
""" | |
How to use: | |
1. poetry add django[bcrypt] | |
2. poetry run python contrib/compare_password_hashers.py | |
""" | |
import timeit | |
from uuid import uuid4 | |
from django.conf import settings | |
from django.contrib.auth.hashers import ( | |
check_password, make_password, PBKDF2PasswordHasher, | |
BCryptSHA256PasswordHasher, MD5PasswordHasher,PBKDF2SHA1PasswordHasher | |
) | |
settings.configure() | |
PASSWORD = str(uuid4()) | |
RUN_TIMES = 1 | |
class PBKDF2PasswordHasherHalfIterations(PBKDF2PasswordHasher): | |
iterations = PBKDF2PasswordHasher.iterations // 2 | |
class PBKDF2PasswordHasherTenthIterations(PBKDF2PasswordHasher): | |
iterations = PBKDF2PasswordHasher.iterations // 10 | |
hashers = [ | |
PBKDF2PasswordHasher, | |
PBKDF2PasswordHasherHalfIterations, | |
PBKDF2PasswordHasherTenthIterations, | |
PBKDF2SHA1PasswordHasher, | |
BCryptSHA256PasswordHasher, | |
MD5PasswordHasher, | |
] | |
for Hasher in hashers: | |
def log(msg): | |
print(f'{Hasher.__name__} - {msg}') | |
log(f'Making password') | |
hashed_pwd = make_password(PASSWORD, hasher=Hasher()) | |
log(f'Checking password {RUN_TIMES} times') | |
start = timeit.default_timer() | |
for _ in range(RUN_TIMES): | |
check_password(PASSWORD, hashed_pwd) | |
end = timeit.default_timer() | |
log(f'{end - start:.5f} seconds for {RUN_TIMES} runs') |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment