Invalid password format or unknown hashing algorithm

Question

One of the users on my site recently managed to trigger this traceback while attempting to login. In Django Admin, his password reads Invalid password format or unknown hashing algorithm.

I have no idea what might have caused this. So far this has been an isolated case and I and other users have managed to successfully sign up and login to the site.

Traceback

Traceback (most recent call last):

 File "/home/gituser/.virtualenvs/bbox/lib/python2.7/site-packages/django/core/handlers/base.py", line 111, in get_response
   response = callback(request, *callback_args, **callback_kwargs)

 File "/var/git/bbox/userprofile/views.py", line 67, in login_view
   if form.is_valid():

 File "/home/gituser/.virtualenvs/bbox/lib/python2.7/site-packages/django/forms/forms.py", line 124, in is_valid
   return self.is_bound and not bool(self.errors)

 File "/home/gituser/.virtualenvs/bbox/lib/python2.7/site-packages/django/forms/forms.py", line 115, in _get_errors
   self.full_clean()

 File "/home/gituser/.virtualenvs/bbox/lib/python2.7/site-packages/django/forms/forms.py", line 271, in full_clean
   self._clean_form()

 File "/home/gituser/.virtualenvs/bbox/lib/python2.7/site-packages/django/forms/forms.py", line 299, in _clean_form
   self.cleaned_data = self.clean()

 File "/var/git/bbox/userprofile/forms.py", line 83, in clean
   self.user_cache = authenticate(username=username, password=password)

 File "/home/gituser/.virtualenvs/bbox/lib/python2.7/site-packages/django/contrib/auth/__init__.py", line 45, in authenticate
   user = backend.authenticate(**credentials)

 File "/home/gituser/.virtualenvs/bbox/lib/python2.7/site-packages/django/contrib/auth/backends.py", line 15, in authenticate
   if user.check_password(password):

 File "/home/gituser/.virtualenvs/bbox/lib/python2.7/site-packages/django/contrib/auth/models.py", line 304, in check_password
   return check_password(raw_password, self.password, setter)

 File "/home/gituser/.virtualenvs/bbox/lib/python2.7/site-packages/django/contrib/auth/hashers.py", line 42, in check_password
   hasher = get_hasher(algorithm)

 File "/home/gituser/.virtualenvs/bbox/lib/python2.7/site-packages/django/contrib/auth/hashers.py", line 115, in get_hasher
   "setting?" % algorithm)

ValueError: Unknown password hashing algorithm ''. Did you specify it in the PASSWORD_HASHERS setting?

Answer 1

Instead of setting your password to an empty string, set the password as unusable using set_unusable_password() method of User model:

user.set_unusable_password()

See more in the documentation: https://docs.djangoproject.com/en/dev/topics/auth/#django.contrib.auth.models.User.set_unusable_password