I need to store passwords in config encrypted as password

Question

I am using Python 3 I have an Auth_INI ConfigParser file with usernames mapped to passwords. I need to encrypt the password with the password so only the password can decrypt it.

> Auth_INI = ConfigParser()
> password = 'password'
> password_encrypted = encrypt(password,'password') 
> Auth_INI['username'] = password_encrypted

All it needs to be is somekind of difficult hash/unhash encoding perhaps. I do not require anything too fancy. No keyrings, just plain text encoded/unencoded.

With this encryption scheme I can easily verify a person by decrypt(password,'guessword') != 'guessword' and there is no reason to do anything more than this.

Is anyone able to recommend an encryption/Encoding library that works like this?

Right now I am just using urlsafe_b64encode('password') and there is no password to decode the password so essentially there is no encryption for the password. Please do help...

Encrypting a password with a password is like dog chasing its own tail. — Klaus D., May 19 '21 at 20:51

score 1 · Answer 1 · answered May 19 '21 at 20:56

From the PyNaCl documentation, here's a quick and dirty example:

import nacl.pwhash

# Password used to hash itself
orig_password = b'my password'

# Hashing the password
hashed_data = nacl.pwhash.str(orig_password)

# The result will be True on password match.
res = nacl.pwhash.verify(hashed_data, orig_password)
print(res)

# On mismatch an exception will be raised
wrong_password = b'My password'
res2 = nacl.pwhash.verify(hashed_data, wrong_password)

found an easy answer: https://stackoverflow.com/a/66728699/15627277 — Kenggi Peters, May 19 '21 at 23:00

I need to store passwords in config encrypted as password

1 Answers1

Linked