What does it do?
The cryptography library gives Python programs access to the mathematical tools that scramble information so only the intended recipient can read it, encrypting files, verifying digital signatures, and generating secure keys. Think of it as a professional locksmith’s full toolkit rather than a single padlock: it includes many different kinds of locks for many different jobs, from sealing a message so only one person can open it, to proving a document hasn’t been tampered with. It wraps lower-level, battle-tested cryptographic code so Python developers don’t have to implement these delicate algorithms themselves, since cryptography is notoriously easy to get subtly wrong. It covers everything from encrypting a single file to securing entire network connections.
See it in action
This creates a secret key, uses it to scramble a message into unreadable text, and then uses the same key to unscramble it back to the original message.
from cryptography.fernet import Fernet
key = Fernet.generate_key()
cipher = Fernet(key)
token = cipher.encrypt(b"a secret message")
print(cipher.decrypt(token))
Why would a non-developer care?
Every time you see a padlock icon in your browser, log into a banking app, or send a message that only the recipient can read, cryptographic algorithms like the ones this library implements are working behind the scenes. Getting this wrong isn’t a minor bug, it’s the kind of mistake that leads to real data breaches.
Real-world examples
The cryptography library has become the de facto standard for encryption work in Python, effectively replacing an older, less actively maintained library called PyCrypto, and it’s a dependency of an enormous share of security-sensitive Python software, including tools that manage website certificates and secure connections. Its maintainers are known for taking security extremely seriously, deliberately making it harder to misuse the more dangerous, low-level cryptographic primitives.
Who uses it
Security engineers and backend developers building anything that needs to encrypt data, verify identities, or manage digital certificates.
How it compares to alternatives
It largely superseded PyCrypto and the related PyCryptodome, offering more actively maintained, security-audited code, and it underpins higher-level libraries like PyOpenSSL and PyJWT, which handle more specific tasks using cryptography’s primitives underneath.
Fun fact
The project’s design philosophy explicitly separates “hazardous materials,” the low-level primitives that are easy to misuse, from a simpler recommended layer, specifically to stop developers from shooting themselves in the foot with real cryptography.