It supports many secure hashing algorithms and utilities to work with them.

The recommended algorithm is "Bcrypt".

Make sure you create a [virtual environment](../../virtual-environments.md){.internal-link target=_blank}, activate it, and then install PassLib with Bcrypt:

<div class="termy">

```console
$ pip install "passlib[bcrypt]"

---> 100%
```

</div>

/// tip

        return webAuthenticationBhv.selectByPK(id);
    }

    public void store(final WebAuthentication webAuthentication) {
        webAuthentication.setParameters(ParameterUtil.encrypt(webAuthentication.getParameters()));
        webAuthenticationBhv.insertOrUpdate(webAuthentication, op -> {
            op.setRefreshPolicy(Constants.TRUE);
        });

    }

这样一来，窃贼就无法在其它应用中使用窃取的密码（要知道，很多用户在所有系统中都使用相同的密码，风险超大）。

## 安装 `passlib`

Passlib 是处理密码哈希的 Python 包。

它支持很多安全哈希算法及配套工具。

本教程推荐的算法是 **Bcrypt**。

因此，请先安装附带 Bcrypt 的 PassLib：

<div class="termy">

```console
$ pip install passlib[bcrypt]

---> 100%
```

</div>

/// tip | "提示"

`passlib` 甚至可以读取 Django、Flask 的安全插件等工具创建的密码。

        return fileAuthenticationBhv.selectByPK(id);
    }

    public void store(final FileAuthentication fileAuthentication) {
        fileAuthentication.setParameters(ParameterUtil.encrypt(fileAuthentication.getParameters()));
        fileAuthenticationBhv.insertOrUpdate(fileAuthentication, op -> {
            op.setRefreshPolicy(Constants.TRUE);
        });

    }

package cmd

import (
	"bytes"
	"encoding/json"
	"errors"
	"fmt"
	"io"
	"net/http"
	"reflect"
	"strconv"
	"strings"
	"time"

	"github.com/minio/minio-go/v7/pkg/encrypt"
	"github.com/minio/minio-go/v7/pkg/set"
	xhttp "github.com/minio/minio/internal/http"
	"github.com/minio/minio/internal/s3select/jstream"
)

	start_port=$1

	export MINIO_ROOT_USER=minio
	export MINIO_ROOT_PASSWORD=minio123
	export MC_HOST_minio="http://minio:minio123@127.0.0.1:${start_port}/"
	unset MINIO_KMS_AUTO_ENCRYPTION # do not auto-encrypt objects
	export MINIO_CI_CD=1

	mkdir ${WORK_DIR}
	C_PWD=${PWD}
	if [ ! -x "$PWD/mc" ]; then
		MC_BUILD_DIR="mc-$RANDOM"
		if ! git clone --quiet https://github.com/minio/mc "$MC_BUILD_DIR"; then

	start_port=$1

	export MINIO_ROOT_USER=minio
	export MINIO_ROOT_PASSWORD=minio123
	export MC_HOST_minio="http://minio:minio123@127.0.0.1:${start_port}/"
	unset MINIO_KMS_AUTO_ENCRYPTION # do not auto-encrypt objects
	export MINIO_CI_CD=1

	mkdir ${WORK_DIR}
	C_PWD=${PWD}
	if [ ! -x "$PWD/mc" ]; then
		MC_BUILD_DIR="mc-$RANDOM"
		if ! git clone --quiet https://github.com/minio/mc "$MC_BUILD_DIR"; then

	echo "verified sitea-> COMPLETED, sitec-> REPLICA"
fi

sleep 5

head -c 221227088 </dev/urandom >200M
./mc.RELEASE.2021-03-12T03-36-59Z cp --config-dir ~/.mc --encrypt "sitea" --quiet 200M "sitea/bucket/200M-enc-v1"
./mc.RELEASE.2021-03-12T03-36-59Z cp --config-dir ~/.mc --quiet 200M "sitea/bucket/200M-v1"

./mc cp --enc-s3 "sitea" --quiet 200M "sitea/bucket/200M-enc-v2"

            return OptionalEntity.empty();
        }
        return OptionalEntity.of(list.get(0));
    }

    public void store(final FileConfig fileConfig) {
        fileConfig.setConfigParameter(ParameterUtil.encrypt(fileConfig.getConfigParameter()));
        fileConfigBhv.insertOrUpdate(fileConfig, op -> {
            op.setRefreshPolicy(Constants.TRUE);
        });
    }

import okhttp3.Request
import okhttp3.tls.HandshakeCertificates
import okhttp3.tls.decodeCertificatePem
import org.junit.jupiter.api.Tag
import org.junit.jupiter.api.Test

/**
 * Test for new Let's Encrypt Root Certificate.
 */
@Tag("Remote")
class LetsEncryptClientTest {
  @Test fun get() {
    // These tests wont actually run before Android 8.0 as per
    // https://github.com/mannodermaus/android-junit5