Crate password_auth

source ·
Expand description

RustCrypto: Password Authentication

crate Docs Build Status Apache2/MIT licensed Rust Version Project Chat

Password authentication library with a focus on simplicity and ease-of-use, with support for Argon2, PBKDF2, and scrypt password hashing algorithms.



password-auth is a high-level password authentication library with a simple interface which eliminates as much complexity and user choice as possible.

It wraps pure Rust implementations of multiple password hashing algorithms maintained by the RustCrypto organization, with the goal of providing a stable interface while allowing the password hashing algorithm implementations to evolve at a faster pace.


The core API consists of two functions:

  • generate_hash: generates a password hash from the provided password. The
  • verify_password: verifies the provided password against a password hash, returning an error if the password is incorrect.

Behind the scenes the crate uses the multi-algorithm support in the password-hash crate to support multiple password hashing algorithms simultaneously. By default it supports Argon2 (using the latest OWASP recommended parameters 8), but it can also optionally support PBKDF2 and scrypt by enabling crate features.

When multiple algorithms are enabled, it will still default to Argon2 for generate_hash, but will be able to verify password hashes from PBKDF2 and scrypt as well, if you have them in your password database.

Minimum Supported Rust Version

Rust 1.65 or higher.

Minimum supported Rust version can be changed in the future, but it will be done with a minor version bump.

SemVer Policy

  • All on-by-default features of this library are covered by SemVer
  • MSRV is considered exempt from SemVer as noted above


Licensed under either of:

at your option.


Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.




  • Generate a password hash for the given password.
  • Determine if the given password hash is using the recommended algorithm and parameters.
  • Verify the provided password against the provided password hash.