Skip to main content
TechUltra Solutions Pvt. Ltd. — AI-Enabled ERP Transformation
Free consultation
Menu
Get free consultation
Password Bcrypt icon

Odoo App · Security & Access

Password Bcrypt

Hash Odoo user passwords with bcrypt — adaptive cost factor, resistant to rainbow tables.

$23.28 Odoo 10.0 Odoo 11.0 Odoo 12.0 Odoo 14.0 AGPL-3
Get it on the Odoo App Store Book a free consultation
TechUltra Solutions Odoo integrations service icon
TechUltra Solutions Odoo consultation service icon
TechUltra Solutions Odoo migration service icon
TechUltra Solutions Odoo end-to-end integration service icon
1 / 4

Overview

Password Bcrypt swaps Odoo's default password hashing for bcrypt — a battle-tested cryptographic hash function designed in 1999 and built on top of the Blowfish block cipher. Where many hash functions get faster as CPUs improve, bcrypt is deliberately slow and stays slow, which is exactly what you want for storing passwords.

Built by TechUltra Solutions, the module changes how Odoo stores and verifies user passwords. Every new password is hashed with bcrypt; every login attempt is verified with the same algorithm. There is nothing for end users to do — their existing login flow keeps working, with a stronger hash behind the scenes.

Bcrypt's defining feature is its cost factor. Administrators set how expensive each hash should be, and that cost can be raised over time. As attacker hardware gets faster, you simply raise the work factor — making a stolen password database harder to crack year over year, not easier.

Key features

  • Bcrypt-hashed passwords

    Every Odoo user password is hashed with bcrypt, an adaptive function built on the Blowfish cipher and widely regarded as a sound default for password storage.

  • Adaptive cost factor

    Bcrypt's key-factor mechanism lets administrators slow hashing deliberately, so brute-force attempts stay economically unfeasible even as computing power increases.

  • Rainbow-table resistance

    Per-password salting and the cost-factor design make precomputed rainbow tables impractical against an Odoo password database hashed with this module.

  • Transparent to end users

    Login screens, password-reset emails, and self-service password changes keep working exactly as before — the only thing that changes is how the hash is computed and stored.

  • Future-proof against faster hardware

    When CPUs and GPUs get faster, raise the bcrypt cost factor. The same module keeps working, the same passwords stay valid, and the protection level moves with the threat.

  • Standard bcrypt format

    Hashes are stored in the well-known bcrypt format, which is supported by mature libraries and easy for security auditors to recognise and review.

  • Open-source AGPL-3 licence

    Published under AGPL-3, so the implementation is open for security review and the code can be inspected, audited, and adapted to local policy.

  • Lightweight install

    Around 37 lines of code with a clean dependency on Odoo's Discuss (mail) app — quick to install and unlikely to conflict with other authentication modules.

Technical details

Specification

Publisher
TechUltra Solutions Private Limited
Technical name
auth_bcrypt_password
Odoo versions
10.0, 11.0, 12.0, 14.0
Lines of code
37
License
GNU Affero General Public License v3 (AGPL-3)
Price
$23.28 (one-time)

Deployment

  • Odoo Online
  • Odoo.sh
  • On-premise

Odoo dependencies

  • Discuss

Support

90 days of bug-fix support, Monday to Friday (10:00–19:00 IST). Raise a ticket at support@techultra.in.

Setup & configuration

From install to first call — here is the path.

  1. 1

    Take a database backup

    Before changing how passwords are hashed, take a full database backup. Authentication modules touch the user model — a backup is your safety net if you need to roll back.

  2. 2

    Install the module

    In Odoo, open Apps, remove the Apps filter, search for “Password Bcrypt”, and click Install. The dependency on Discuss is installed automatically if it is not already.

  3. 3

    Force a password reset for existing users

    Existing passwords stay in the previous hash format until each user next sets a password. Trigger a password reset (or have users change their password) so new hashes are stored using bcrypt.

  4. 4

    Verify a login round-trip

    Sign out and sign back in as a test user whose password has been re-hashed. A successful login confirms the bcrypt verifier is wired into Odoo's authentication path.

  5. 5

    Set a sensible cost factor

    Pick a bcrypt cost factor that gives you sub-second hashing on your application server today, then plan to review and increase it as hardware improves.

Frequently asked questions

  • What is bcrypt and why does it matter?

    Bcrypt is an adaptive password-hashing function built on the Blowfish cipher. It is deliberately slow and uses a tunable cost factor, which makes brute-force and rainbow-table attacks against a stolen password database significantly more expensive than with fast general-purpose hashes.

  • Does the module migrate existing user passwords automatically?

    Existing passwords are not silently re-hashed. They are re-hashed with bcrypt the next time each user sets or changes a password — typically via a forced password reset after install.

  • Will users notice anything different?

    No. The login form, password reset emails, and self-service password change keep working exactly as before. Only the back-end storage format changes.

  • Which Odoo versions are supported?

    Odoo 10.0, 11.0, 12.0, and 14.0, in both the Community and Enterprise editions.

  • What licence is the module released under?

    AGPL-3 — the GNU Affero General Public License v3. The source is open for review, audit, and adaptation to local security policy.

  • Can I raise the bcrypt cost factor later?

    Yes. That is bcrypt's main point. As hardware gets faster, you raise the work factor; new and changed passwords are then hashed with the higher cost while old hashes keep verifying correctly.

  • Is it safe to roll back?

    Bcrypt hashes are one-way, so uninstalling will not recover the original passwords. The safest rollback is to restore the pre-install database backup and force a password reset, which is why we recommend a backup before install.

  • Is support included?

    Yes. The module includes 90 days of bug-fix support, Monday to Friday, 10:00–19:00 IST.

Related services

Get the most out of this module with senior TechUltra consultants.

More Odoo apps from TechUltra

All-in-One WhatsApp (Community) icon

WhatsApp & Messaging

All-in-One WhatsApp (Community)

A complete WhatsApp suite for Odoo Community — base, automation, two-way chat, marketing, and chatbot.

$198.99 View app
Product Personalizer icon

Website & eCommerce

Product Personalizer

Web-to-Print studio inside Odoo — customers design products and Sales gets the print-ready file.

$699 View app
RingCentral Integration icon

Telephony & CTI

RingCentral Integration

Cloud telephony, call logging, recordings & analytics — inside Odoo.

$499 View app
Odoo WhatsApp Bundle (Community) icon

WhatsApp & Messaging

Odoo WhatsApp Bundle (Community)

WhatsApp messaging wired into CRM, Sales, Purchase, Invoicing, POS, Project, and Inventory.

$198.99 View app
Omnichannel Communication icon

Social & Messaging

Omnichannel Communication

WhatsApp, Facebook Messenger, and Instagram in a single Odoo inbox — one provider, one chat history.

$149 View app
WhatsApp Integration Base icon

WhatsApp & Messaging

WhatsApp Integration Base

Foundation connector for Odoo and Meta's WhatsApp Cloud API — providers, templates, and chat.

$69 View app
WhatsApp in Discuss icon

WhatsApp & Messaging

WhatsApp in Discuss

Two-way WhatsApp conversations inside Odoo Discuss, powered by Meta's Cloud API.

$128 View app
AI Inventory Forecast icon

AI & Inventory

AI Inventory Forecast

Forecast product demand in Odoo with NeuralProphet and get reorder suggestions.

$50 View app

Browse all Odoo apps