I have a python program that accesses SQL databases with the database login currently encoded in base64 in a text file. I'd like to encode the login instead using MD5 and store it in a config file, but after some research, I couldn't find much on the topic. Could someone point me in the right direction on where to start?
2
-
1Encrypting, encoding and hashing are very different things.polku– polku2016-06-24 14:54:02 +00:00Commented Jun 24, 2016 at 14:54
-
The database story has not really anything to do with the question, does it? :-)handle– handle2016-06-24 14:57:29 +00:00Commented Jun 24, 2016 at 14:57
Add a comment
|
2 Answers
MD5, unfortunately, is a hash signature protocol, not an encryption protocol. It is used to generate strings that are used to detect even the very-slightest change to the value from which the MD5 hash was produced. But . . . (by design) . . . you cannot recover the value that was originally used to produce the signature!
If you are working in a corporate, "intra-net" setting, consider using LDAP (Microsoft OpenDirectory) or some other form of authorization/authentication, in lieu of "passwords." In this scenario, the security department authorizes your application to do certain things, and they provide you with an otherwise-meaningless token with which to do it. The database uses the presented token, along with other rules controlled only by the security department, to recognize your script and to grant selected access to it. The token is "useless if stolen."
If you do still need to use passwords, you'll need to find a different way to securely store them. MD5 cannot be used.
Comments
See https://docs.python.org/3.5/library/hashlib.html
import hashlib
print( hashlib.md5(b"stackoverflow").hexdigest() )
