Hashing in python (encrypting)

Question

i am trying to implement a encryption into my login program, i've looked for help in many places but i can't seem to understand any of it. Im fairly new to python and im warming up for a university course in it. im interested in if it is possible to implement it as a class in my already excisting program, any tips or explanations would be greatly appreciated

So basicly what im asking is, how would it look if i wanted the program to encrypt the passwords between runs and the decrypt them again so that the program can use them when it runs.

Program:

import json 

with open("login_data.txt", "r") as login_file:
    try:
        users = json.load(login_file)
    except:
        users = {}

status = ""

def Display_Menu():

    status = input("Are you a registered user? (y/n)? Press q to quit: ")
    if status == "y":
        Old_User()
    elif status == "n":
        New_User()
    elif status == "passwd":
        Change_Passwd()
    elif status == "q":
        skriva = open("login_data.txt", "w")
        json.dump(users, skriva)
    return status

def New_User():

    Create_Login =input("Create login name: ")
    if Create_Login in users:
        print ("Login name already exist!")
    else:
        Create_Password =input("Create password: ")
        users[Create_Login] = Create_Password
        print("New User created!")        
    current_user = None

def Old_User():
    global current_user  

    login =input("Enter login name: ")
    Password =input("Enter password: ")

    if login in users and users[login] == Password:

        print("Login successful!")  
        current_user = login
        status = input("Wanna quit, change pass, och logout?")       
        if status == "passwd":
            Change_Passwd()
        elif status == "logout":
            Display_Menu()
        elif status == "q":
            skriva = open("login_data.txt", "w")
            json.dump(users, skriva)
        return status

    else:
        print("User doesn't exist or wrong password!")

def Change_Passwd():    
    oldpass =input("Old password: ")

    if current_user in users and users[current_user] == oldpass:
        Create_Password = input("New password: ")
        users[current_user] = Create_Password

        if Create_Password == input("Confirm password: "):
            print("Password changed!")
        else:
            print("User authorization failure")
            users[current_user] = oldpass
    else:
        print ("No password match!")

while status != "q":            
    status = Display_Menu()

Not sure whether you are asking about password hashing, or specifically how to implement it in Python. For the former, see https://stackoverflow.com/questions/326699/difference-between-hashing-a-password-and-encrypting-it?rq=1 for the latter, see https://stackoverflow.com/questions/9594125/salt-and-hash-a-password-in-python — DNA, May 03 '14 at 22:56
More background on password hashing: https://security.stackexchange.com/questions/211/how-to-securely-hash-passwords — Perseids, May 04 '14 at 09:20

score 0 · Answer 1 · edited May 23 '17 at 10:26

0

MD5 is a really simple hashing algorithm, this is some sample usage:

>>> hashlib.md5("String you want to encrypt").hexdigest()
'096a773d70e934d03ae3dd8022deed5e'

MD5 is by no means secure, but it is sufficient to illustrate some points. You could for instance store usernames and hashed passwords in some format of your choosing, ie.:

username1, hash1
username2, hash2

This (Difference between Hashing a Password and Encrypting it) could be a relevant read.

edited May 23 '17 at 10:26

Community

1
1

answered May 03 '14 at 22:57

Øyvind Robertsen

403
3
5

all i want is a simple encrypt and decrypt function im trying to find a easy way to implement it. **code Def Old_User(): global current_user login =input("Enter login name: ") #print(users[login]) <- here is where i would like to decrypt it Password =input("Enter password: ") code** And then encrypt it before the program saves the password to the file file looks like name = login_data and typed in it "{"halo": "molly"}" @Padraic Cunningham – StDuz May 04 '14 at 10:06
Also, why don't **code password = input("Password: ") encrypt = hashlib.md5(password).hexdigest() code** Get the error "Unicode-objects must be encoded before hashing" – StDuz May 04 '14 at 10:08
It's possible you have to use password.encode("utf-8") before hashing. – Øyvind Robertsen May 04 '14 at 18:48

score 0 · Answer 2 · answered May 03 '14 at 23:37

bcrypt is a library you should have a look at.

import bcrypt
password = b"super secret password"
# Hash a password for the first time, with a randomly-generated salt
hashed = bcrypt.hashpw(password, bcrypt.gensalt())
# Check that a unhashed password matches one that has previously been
#   hashed
if bcrypt.hashpw(password, hashed) == hashed:
    print("It Matches!")
else:
    print("It Does not Match :(")

Hashing in python (encrypting)

2 Answers2