Learn to Code via Tutorials on Repl.it!

← Back to all posts
How to hashes

How to use hashes in Python

Today we're going to talk about how use use the MD5 (Message Direct 5) and SHA-256
But first we need to address a problem.

What are hashes anyway?

A hash is a function that produces a fixed length number (Usually Hex) based on a input.

Some examples (MD5):

"cat" --> md5sum --> d077f244def8a70e5ea758bd8352fcd8

"dog" --> md5sum --> 06d80eb0c50b49a509b49f2424e8c805

"cats" --> md5sum --> 0832c1202da8d382318e329a7c133ea0

"dogs" --> md5sum --> d28d2d3560fa76f0dbb1a452f8c38169

As you can see, cat and cats have totally different sums

Try it out

If you have a Linux system, to calculate the MD5 sum of a string, run this:

Using MD5 hashes in Python

Python comes with built-in support for SHA and MD5.

To access it, import it:

You can then create a hash object like this:

You have to use the .encode(), because MD5 works on a series of bytes.

If you don't you'll get this error:

To get the actual hash of the string, call .hexdigest() on the object:

A quicker method:

A couple of notes on MD5

MD5 has been cracked.

You should not use it for passwords because of collisions.

What is a collision?

Since MD5 has a fixed hash length (32 bits), there are a finite number of hashes.
A visual is the best option:

If you hash your passwords, a cracker could gain access by colliding two hashes.

How to apply MD5 in your programs

I use MD5 for checksums in P2P

This is to verify that the transferred file is identical to the host's file, because MD5 works on bytes too.

Using SHA-256

To use SHA256 in your programs, refer to the example above, just replace md5 with sha256

SHA256 has not been collided, as of 2020, so you can use it to hash your passwords.
I used it in Coyote OS
It is so much more secure than storing passwords in plaintext.

Additional Reading

All I've given is a brief overview.


Cool I once made a sort of hash password module on github here: https://github.com/Codemonkey51/secure-python-password-engine


Cool I may use that @CodeLongAndPros


I'll make sure to credit you @CodeLongAndPros