Securely storing passwords for use in python script [duplicate]

by

Know the master key yourself. Don’t hard code it.

Use py-bcrypt (bcrypt), powerful hashing technique to generate a password yourself.

Basically you can do this (an idea…)

import bcrypt
from getpass import getpass
master_secret_key = getpass('tell me the master secret key you are going to use')
salt = bcrypt.gensalt()
combo_password = raw_password + salt + master_secret_key
hashed_password = bcrypt.hashpw(combo_password, salt)

save salt and hashed password somewhere so whenever you need to use the password, you are reading the encrypted password, and test against the raw password you are entering again.

This is basically how login should work these days.

More Related Contents:

  1. What are the risks of running ‘sudo pip’?
  2. Security of Python’s eval() on untrusted strings?
  3. I need to securely store a username and password in Python, what are my options? [closed]
  4. hash function in Python 3.3 returns different results between sessions
  5. Is distributing python source code in Docker secure?
  6. Hiding a password in a python script (insecure obfuscation only)
  7. Change to sudo user within a python script
  8. Securely Erasing Password in Memory (Python)
  9. Python 3, Are there any known security holes in ast.literal_eval(node_or_string)?
  10. Mark data as sensitive in python
  11. Is a SQLAlchemy query vulnerable to injection attacks?
  12. Is this Python code vulnerable to SQL injection? (SQLite3)
  13. Create a temporary FIFO (named pipe) in Python?
  14. Encrypted and secure docker containers
  15. Google Authenticator implementation in Python
  16. Do CSRF attacks apply to API’s?
  17. What’s the purpose of Django setting ‘SECRET_KEY’?
  18. What is the best way to call a script from another script? [closed]
  19. Single vs double quotes in JSON
  20. Integer division in Python 2 and Python 3
  21. Matplotlib: Specify format of floats for tick labels
  22. Pandas Timedelta in Days
  23. OverflowError: (34, ‘Result too large’)
  24. Is it better to use “is” or “==” for number comparison in Python? [duplicate]
  25. What does “ mean in Python?
  26. Accessing items in an collections.OrderedDict by index
  27. How to find and replace nth occurrence of word in a sentence using python regular expression?
  28. How to check a string for a special character?
  29. Date ticks and rotation [duplicate]
  30. How would I cross-reference a function generated by autodoc in Sphinx?

Leave a Comment