passlib.hash.postgres_md5 - PostgreSQL MD5 password hash


This algorithm is not considered secure by modern standards. It should only be used when verifying existing hashes, or when interacting with applications that require this format. For new code, see the list of recommended hashes.

This class implements the md5-based hash algorithm used by PostgreSQL to store its user account passwords. This scheme was introduced in PostgreSQL 7.2; prior to this PostgreSQL stored its password in plain text. Users will most likely find the frontend provided by passlib.apps to be more useful than accessing this class directly. That aside, this class can be used directly as follows:

>>> from passlib.hash import postgres_md5

>>> # hash password using specified username
>>> hash = postgres_md5.hash("password", user="username")
>>> hash

>>> # verify correct password
>>> postgres_md5.verify("password", hash, user="username")
>>> # verify correct password w/ wrong username
>>> postgres_md5.verify("password", hash, user="somebody")
>>> # verify incorrect password
>>> postgres_md5.verify("password", hash, user="username")

See also

the generic PasswordHash usage examples


class passlib.hash.postgres_md5

This class implements the Postgres MD5 Password hash, and follows the PasswordHash API.

It does a single round of hashing, and relies on the username as the salt.

The hash(), genhash(), and verify() methods all require the following additional contextual keywords:

Parameters:user (str) – name of postgres user account this password is associated with.

Format & Algorithm

Postgres-MD5 hashes all have the format md5checksum, where checksum is 32 hexadecimal digits, encoding a 128-bit checksum. This checksum is the MD5 message digest of the password concatenated with the username.

Security Issues

This algorithm it not suitable for any use besides manipulating existing PostgreSQL account passwords, due to the following flaws:

  • Its use of the username as a salt value means that common usernames (e.g. admin, root, postgres) will occur more frequently as salts, weakening the effectiveness of the salt in foiling pre-computed tables.
  • Since the keyspace of user+password is still a subset of ascii characters, existing MD5 lookup tables have an increased chance of being able to reverse common hashes.
  • Its simplicity makes high-speed brute force attacks much more feasible [3] .


[1]Discussion leading up to design of algorithm -
[2]Message explaining postgres md5 hash algorithm -
[3]Blog post demonstrating brute-force attack