Re: [Tutor] Python "password" securely hashed in script
On Wed, Apr 27, 2016 at 08:47:14AM -0400, Paul Smith wrote: > So creating small programs that automate my day specifically logins, how > can one "hash" or hide the user and pass items in the python script itself? You can't, really. For *low security* passwords, or a trusted environment, you may be able to use a .netrc file to store the password. See the netrc module for more information: https://docs.python.org/2/library/netrc.html https://docs.python.org/3/library/netrc.html but remember, if the attacker has access to your account and can read your files, she can read your .netrc file as well. The one advantage to this scheme is that you can treat the .netrc file as the only secret that needs protecting, and the python scripts as "low security" because they contain no passwords. You can't hash the passwords, because you cannot reverse a hash to get the passwords back. Hashing is one-way. -- Steve ___ Tutor maillist - Tutor@python.org To unsubscribe or change subscription options: https://mail.python.org/mailman/listinfo/tutor
Re: [Tutor] Python "password" securely hashed in script
Paul Smith wrote: > So creating small programs that automate my day specifically logins, how > can one "hash" or hide the user and pass items in the python script > itself? I need to prevent someone from easily seeing or accessing these if > they happen to gain access to my python files. Thanks in advance. They can copy your script to gain access and just replace the part where you do something once you are logged in. ___ Tutor maillist - Tutor@python.org To unsubscribe or change subscription options: https://mail.python.org/mailman/listinfo/tutor
Re: [Tutor] Python "password" securely hashed in script
>I need to prevent someone from easily seeing or accessing these if they >happen to gain access to my python files. Thanks in advance. If they can read your script, they can also reverse engineed the code and decode your user/pass. (Also, "hashing" is a one way destructive operation, you can not retreive the original pass phrase) ___ Tutor maillist - Tutor@python.org To unsubscribe or change subscription options: https://mail.python.org/mailman/listinfo/tutor
[Tutor] Python "password" securely hashed in script
So creating small programs that automate my day specifically logins, how can one "hash" or hide the user and pass items in the python script itself? I need to prevent someone from easily seeing or accessing these if they happen to gain access to my python files. Thanks in advance. ___ Tutor maillist - Tutor@python.org To unsubscribe or change subscription options: https://mail.python.org/mailman/listinfo/tutor