On 18/11/14 14:45, boB Stepp wrote:
http://www.cyberciti.biz/python-tutorials/securely-hash-passwords-in-python/ which seemed informative, but suggests the use of the module passlib. Unfortunately, I am not allowed to install anything on the production environment, nor can anyone else.
You can roll your own password system using the crypt module. Get each user to create a password (or give them a default) and encrypt it with crypt. Store the result and when they log in compare the encrypted password with the stored one. It may not have all the security features of the passlib solution but its a lot better than nothing and will deter most crackers long enough for them to get bored and move on. The downside is that you need to build a password management module/workflow/UI into your code to allow changes/resets etc. -- Alan G Author of the Learn to Program web site http://www.alan-g.me.uk/ http://www.amazon.com/author/alan_gauld Follow my phopto-blog on Flickr at: http://www.flickr.com/photos/alangauldphotos _______________________________________________ Tutor maillist - Tutor@python.org To unsubscribe or change subscription options: https://mail.python.org/mailman/listinfo/tutor
