Django Password Generator

Question

I have imported a heap of users and their data to a django project. I need to assign a password to each. Is the such a snippet out there for password generation that will cope with the Django hash and salt?

It may have changed, but you don't have to "cope with the Django hash and salt" because you can use the [`.set_password()` helper function](https://docs.djangoproject.com/en/1.10/ref/contrib/auth/#django.contrib.auth.models.User.set_password) on a `User` object that processes the provided password with your chosen key derivation function and sets the `.password` field/attribute with it. — Nick T, Feb 01 '17 at 21:40

score 240 · Accepted Answer · edited Apr 27 '21 at 10:06

240

You can also use the built in function make_random_password

for user in new_users:
    password = User.objects.make_random_password()
    user.set_password(password)
    user.save(update_fields=['password'])
    # email/print password

edited Apr 27 '21 at 10:06

jarekwg

375
3
8

answered Feb 28 '12 at 11:27

JamesO

25,178
4
40
42

24

Also notice that `make_random_password()` accepts keyword arguments `length` and `allowed_chars`. – benjaoming Jul 17 '13 at 20:01
11

`user.save()` to apply changes is missing – giopromolla Jun 13 '19 at 22:30
2

`from django.contrib.auth.models import User` – Lucas Alonso May 03 '22 at 18:23

score 23 · Answer 2 · answered Feb 11 '14 at 10:29

23

Also you can use from django.utils.crypto import get_random_string out of auth module, it accepts keyword arguments length and allowed_chars as well.

answered Feb 11 '14 at 10:29

mitnk

3,127
2
21
28

4

+1. Preferred over User.objects.make_random_password() because it can be run from standalone scripts without having to configure Django settings. I use this for random fixture generation. – m000 May 18 '16 at 13:21
2

I prefer this because I don't have to interact with any objects to do it. It makes something like a random password generator for a user much easier to do. For Instance def get_password_view(request): return JsonResponse({ "password" : get_random_string() }) – Giga Chad Coding Jul 07 '18 at 14:44
Prefer this one, because `User.objects.make_random_password()` gives error, if it has been inherited. – Abhishake Gupta Aug 12 '20 at 16:34

PADYMKO · Answer 3 · 2017-05-27T06:24:45.313

If you need only a Django`s solutions, then try next:

For generate a normal password try use BaseUserManager.

In [341]: from django.contrib.auth.base_user import BaseUserManager

# simple password, it length is 10, and it contains ascii letters and digits
In [344]: BaseUserManager().make_random_password()
Out[344]: 'aYMX5Wk7Cu'

In [345]: BaseUserManager().make_random_password()
Out[345]: 'rM7759hw96'

In [346]: BaseUserManager().make_random_password()
Out[346]: 'EkbZxEXyAm'

# passed length of a password
In [347]: BaseUserManager().make_random_password(45)
Out[347]: 'dtM9vhSBL9WSFeEdPqj8jVPMH9ytsjPXrkaHUNUQu4zVH'

In [348]: BaseUserManager().make_random_password(45)
Out[348]: 'jypVaXuw9Uw8mD4CXtEhtj2E4DVYx23YTMwy8jGTKsreR'

# passed length of a password and symbols for choice
In [349]: BaseUserManager().make_random_password(45, 'abcdf')
Out[349]: 'daacbfabfccfdbdddbbcddcfcfbfcdabbaccbfcadbccd'

In [351]: import string

# password contains only digits
In [352]: BaseUserManager().make_random_password(50, string.digits)
Out[352]: '00526693878168774026398080457185060971935025500935'

# password contains only ascii symbols in lowercase
In [353]: BaseUserManager().make_random_password(50, string.ascii_lowercase)
Out[353]: 'nvftisuezofnashdhlalfmscnmqtvigwjpfwsyycsefekytmar'

# password contains only ascii symbols in uppercase
In [354]: BaseUserManager().make_random_password(50, string.ascii_uppercase)
Out[354]: 'APKSUHHHTAAJCFEUONIXWWAKJGXIBHTQDZBTSYFTPDFOSRYEQR'

If you need strong and power password, then try built-in "hashers" in the Django

In [355]: from django.contrib.auth.hashers import make_password

In [357]: make_password('')
Out[357]: 'pbkdf2_sha256$30000$JuKXdW3shCjL$PsPJX7Zale5JUBkWpIJI/+QlsuVWhz9Q+GQWVtTpQ/Y='

In [358]: make_password('text')
Out[358]: 'pbkdf2_sha256$30000$lSv8kQ39BHE7$KQC5hRhuphYBXmBrXZBJGC+nxygfNWTDf8zQf/NNgY8='

In [360]: make_password('text', salt=['simething'])
Out[360]: "pbkdf2_sha256$30000$['simething']$D+1vJQx9W2/c9sIz/J+7iEz4d4KFPg/R+0S87n/RKR4="

In [361]: make_password('text', salt=['something'])
Out[361]: "pbkdf2_sha256$30000$['something']$NIcmOkEyg6mnH5Ljt+KvI2LVgZWg6sXS6Rh865rbhSc="

Notes:

Used Django 1.10 and Python 3.4

score 5 · Answer 4 · answered Feb 28 '12 at 11:09

Just use the API - django.contrib.auth.models.User has a .set_password() method. Here's an example (that I haven't tested, but you should get the idea):

from random import choice
from string import digits, letters
from django.contrib.auth.models import User

def _pw(length=6):
    s = ''
    for i in range(length):
        s += random.choice(digits + letters)
    return s

for user in User.objects.all(): # or .filter(...)
    user.set_password(_pw())
    user.save()

score 4 · Answer 5 · answered Feb 28 '12 at 11:08

4

import random
import string 
user.set_password(''.join([random.choice(string.digits + string.letters) for i in range(0, 10)]))
user.save()

answered Feb 28 '12 at 11:08

Willian

2,385
15
17

Django Password Generator

5 Answers5

Linked

Related