10

I have a password string that must be passed to a method. Everything works fine but I don't feel comfortable storing the password in clear text. Is there a way to obfuscate the string or to truly encrypt it? I'm aware that obfuscation can be reverse engineered, but I think I should at least try to cover up the password a bit. At the very least it wont be visible to a indexing program, or a stray eye giving a quick look at my code.

I am aware of pyobfuscate but I don't want the whole program obfuscated, just one string and possibly the whole line itself where the variable is defined.

Target platform is GNU Linux Generic (If that makes a difference)

Improve this question
1
  • If you need real, proper encryption have a look at bcrypt and py-bcrypt to be more specific. To see why you should be using it, read Paul Buchet's article, paulbuchheit.blogspot.com/2007/09/…. Commented Jun 11, 2009 at 17:14

6 Answers 6

Reset to default
26

If you just want to prevent casually glancing at a password, you may want to consider encoding/decoding the password to/from base64. It's not secure in the least, but the password won't be casually human/robot readable.

import base64
# Encode password (must be bytes type)
encoded_pw = base64.b64encode(raw_pw)

# Decode password (must be bytes type)
decoded_pw = base64.b64decode(encoded_pw)
Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

This is a very good answer, you can use the best super strong encryption in your code - but since you must also store the decryption key in the code you really aren't gaining any security. But you might easily fool yourself that you are!
This wont protect against a real snoop. But it will protect against an untrained eye glancing at the code and saying "Oh look at that!" and seeing: password = "abc123sdfsdf"
I like the shorter spelling password = 'c2VjcmV0'.decode('base64') It will stop working in Python 3.0, though.
A lot of people seem to think there's some way to security with these passwords. There is, as far as I know, no way other than cleartext or simply-transformed-text to store passwords for accessing internal systems. Base64 is about as good an option as you can get.
2

Obviously your best option is to delegate this to a third party. If you can authenticate with whatever you're connecting to using some other credential (eg. the user account your process is running as), you can leave the permission levels up to the OS layer. Alternatively, if sufficiently important / possible you could prompt the user (storing the key in the (arguably) slightly less hackable wetware instead)

If you do need to store some password or key, I'd recommend you store it seperate from your code, in a file you read in, and de-obfusticate if neccessary. This has the advantages that:

  • You can set the file permissions on the file as tight as possible (ie. only readable by the account your program runs as), unlike the rest of your program which may be read by more people.

  • You won't accidently check it into your version control system!

  • No need to be restricted to printable characters (or use awkward escaping) for a python string, so you can use an arbitrary keyfile if possible, rather than a human readable password. If it's non human-entered, there's no reason to have all the weaknesses of passwords.

To obfusticate, you can use base64 as suggested, or some home-brew scheme like XORing or decrypting with another key stored elsewhere, requiring both locations to be looked at. Be aware that this doesn't protect against anything beyond opportunistic shoulder surfing (if that) - make sure that there is some level of real security as well (including obvious ones like physical access to the machine!)

Improve this answer

Comments

1

You should avoid storing the password in clear in the first place. That's the only "true" solution.

Now, you can encrypt the password easily with the hash module (md5 and similar modules in python 2.5 and below).

import hashlib
mypass = "yo"
a = hashlib.sha256(mypass).digest()
Improve this answer

7 Comments

a cool solution, but the password is cleartext because it has to be read into the method that way. I need a way to store the password in a jumbled way that makes no sense to a human without some work, yet have python know exactly what I'm talking about.
I'd suggest having a salt. This is a well-known that a lot of users are having the same passwords. To protect person with database access from making any correlations, you should to something like salt = ''.join(random.choice(string.ascii_letters) for _ in range(1,5)) hashed_password = 'sha256:%s:%s' % (salt, hmac.new(salt, password, hashlib.sha256).hexdigest())
a hash is one way. I can't decrypt it once it's hashed. I need to send clear text to the method.
I suspect the poster needs to use the password to access some other service.
@caedis: having to input a clear password in a method is not good design. It is very likely that encoding it will not change much the (poor) security of the software - because you should never be able to retrieve the password in text.
|
0

Many password-accepting protocols and facilities have a way to specify a keyfile rather than a password. That strategy will probably work here; rather than hard-coding a password, hard-code a filename (or better yet, make it a parameter!). You could even go as far as SSH and refuse to load keyfiles that aren't (1) owned by the current user (2) only readable by that user.

Improve this answer

1 Comment

I cant use keyfiles in this scenario.
0

It depends alot on why you're keeping the password around, and where you feel there is a security issue.

If you're storing or matching this password to a database in the future:

This shouldn't really be a problem, but if you're concerned, use your database's password encryption early and store that ( SELECT PASSWORD('mySamplePassword'); ), then compare the encrypted version directly in your later query.

If you're saving it for later transmision:

There really isn't much you can do. The transmission itself is very likely to be easier to sniff than your handling of the password.

Without knowing a few more details of what you're doing, this is sortof hard to answer.

Improve this answer

Comments

0

The base64 answer is good for obfuscating the password and will work with no user intervention at the cost of being insecure. If the user can be logged in with access to a system keyring service, take a look at the keyring package. I used it to store passwords on both OS X and Linux systems.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.