crypt
~~~~~
The `crypt <https://docs.python.org/3/library/crypt.html>`_ module implements
password hashing based on ``crypt(3)`` function from ``libcrypt`` or
``libxcrypt`` on Unix-like platform. The algorithms are mostly old, of poor
quality and insecure. Users are discouraged to use them.
* The module is not available on Windows. Cross-platform application need
an alternative implementation any way.
* Only DES encryption is guarenteed to be available. DES has an extremely
limited key space of 2**56.
* MD5, salted SHA256, salted SHA512, and Blowfish are optional extension.
SSHA256 and SSHA512 are glibc extensions. Blowfish (bcrypt) is the only
algorithm that is still secure. However it's in glibc and therefore not
commonly available on Linux.
* Depending on the platform, the ``crypt`` module is not thread safe. Only
implementations with ``crypt_r(3)`` are thread safe.
* The module was never useful to interact with system user and password
databases.