diff --git a/homeassistant/components/http.py b/homeassistant/components/http.py
index 5084440b0ea..7c252385d5d 100644
--- a/homeassistant/components/http.py
+++ b/homeassistant/components/http.py
@@ -32,8 +32,6 @@ from homeassistant.const import (
 
 DOMAIN = "http"
 
-REQUIREMENTS = ["passlib==1.6.5"]
-
 CONF_API_PASSWORD = "api_password"
 CONF_SERVER_HOST = "server_host"
 CONF_SERVER_PORT = "server_port"
@@ -178,8 +176,6 @@ class RequestHandler(SimpleHTTPRequestHandler):
 
     def _handle_request(self, method):  # pylint: disable=too-many-branches
         """Perform some common checks and call appropriate method."""
-        from passlib import hash
-
         url = urlparse(self.path)
 
         # Read query input. parse_qs gives a list for each value, we want last
@@ -202,20 +198,12 @@ class RequestHandler(SimpleHTTPRequestHandler):
                     "Error parsing JSON", HTTP_UNPROCESSABLE_ENTITY)
                 return
 
-        try:
-            self.authenticated = (hash.sha256_crypt.verify(
-                                      self.headers.get(HTTP_HEADER_HA_AUTH),
-                                      self.server.api_password) or
-                                  hash.sha256_crypt.verify(
-                                      data.get(DATA_API_PASSWORD),
-                                      self.server.api_password) or
-                                  self.verify_session())
-        except (TypeError, ValueError):
-            self.authenticated = (self.server.api_password is None or
-                                  self.headers.get(HTTP_HEADER_HA_AUTH) ==
-                                  self.server.api_password or
-                                  data.get(DATA_API_PASSWORD) ==
-                                  self.server.api_password)
+        self.authenticated = (self.server.api_password is None or
+                              self.headers.get(HTTP_HEADER_HA_AUTH) ==
+                              self.server.api_password or
+                              data.get(DATA_API_PASSWORD) ==
+                              self.server.api_password or
+                              self.verify_session())
 
         if '_METHOD' in data:
             method = data.pop('_METHOD')
diff --git a/script/gen_hash.py b/script/gen_hash.py
deleted file mode 100755
index 8d96c1f4e07..00000000000
--- a/script/gen_hash.py
+++ /dev/null
@@ -1,15 +0,0 @@
-#!/usr/bin/python3
-"""Generate hashes from given strings."""
-import getpass
-from passlib import hash
-
-response1 = getpass.getpass('Please enter your string/password/API key: ')
-response2 = getpass.getpass('Please enter the string/password/API key again: ')
-
-hashed = hash.sha256_crypt.encrypt(response1)
-
-if hash.sha256_crypt.verify(response2, hashed):
-    print('Put the hash in your configuration.yaml file.')
-    print(hashed)
-else:
-    print('No match! Please try again.')