Securely storing passwords for use in python script

Question

Possible Duplicate    I need to securely store a username and password in Python  what are my options        I am looking for a way to securely store passwords which I intend to use in some Python scripting  I will be logging into different things and I don t want to store the passwords as plaintext in the script itself   Instead I was wondering if there is anything which is able to securely store those passwords and then retrieve them using something like a master password which I could enter to the script at the beginning

User · Answer

I typically have a secrets py that is stored separately from my other python scripts and is not under version control  Then whenever required  you can do from secrets import  lt required pwd var gt   This way you can rely on the operating systems in-built file security system without re-inventing your own   Using Base64 encoding decoding is also another way to obfuscate the password though not completely secure  More here - Hiding a password in a python script  insecure obfuscation only

User · Answer

Know the master key yourself  Don t hard code it    Use py-bcrypt  bcrypt   powerful hashing technique to generate a password yourself   Basically you can do this  an idea      import bcrypt from getpass import getpass master secret key   getpass  tell me the master secret key you are going to use   salt   bcrypt gensalt   combo password   raw password   salt   master secret key hashed password   bcrypt hashpw combo password  salt    save salt and hashed password somewhere so whenever you need to use the password  you are reading the encrypted password  and test against the raw password you are entering again   This is basically how login should work these days

User · Answer

the secure way is encrypt your sensitive data by AES and the encryption key is derivation by password-based key derivation function  PBE   the master password used to encrypt decrypt the encrypt key for AES      master password -  secure key-  encrypt data by the key   You can use pbkdf2  from PBKDF2 import PBKDF2 from Crypto Cipher import AES import os salt   os urandom 8       64-bit salt key   PBKDF2  This passphrase is a secret    salt  read 32    256-bit key iv   os urandom 16        128-bit IV cipher   AES new key  AES MODE CBC  iv    make sure to store the salt iv passphrase   and decrypt using same salt iv passphase  Weblogic used similar approach to protect passwords in config files

[python] Securely storing passwords for use in python script

Examples related to python

Examples related to security