0

I'm using Python to generate passwords for myself - I'd feel a little silly if I found out that those are available in some sort of log somewhere, presumably plaintext

Do console windows, in Pycharm or otherwise, maintain history like that?

Luc Taylor
  • 29
  • 5
  • you can save output to file using file handling – THUNDER 07 Jun 22 '22 at 13:25
  • 1
    I tend to consider this question as off-topic; it is not concerning programming and might be a better fit for *Information Security* section. That said the programming language seems a strange direction to look for security gaps. – guidot Jun 22 '22 at 13:33

2 Answers2

2

No.

If you close your terminal, the outputs are gone. You can just go through your recent inputs by pushing the "up" arrow. Given, that your python script will generate random passwords, this should not be an issue though.

But if you are legitimately concerned for your password safety, a real password manager should be your choice.

itsWavs
  • 56
  • 3
  • 1
    Definite yes to the last line, I'd never _not_ use a password manager (other than to log into windows), they usually come with secure password generation built in too. – Peter Jun 22 '22 at 13:34
0

Could be. Most terminal emulators have a virtual "scroll buffer" that allows you to return to past outputs, thousands and thousands of lines -- everything that appeared on the screen. Obviously this text is collected, managed and stored for this use.

On Macbooks, Terminal.app will save and restore Terminal screen contents across a reboot, so they are stored somewhere. (Terminal has a system of unique session identifiers for each window, so information from multiple windows is managed.) I don't know of a way to recover the text after you close the OS X Terminal window, but that does not mean it is not sitting in some internal working file waiting for garbage collection.

The Python interactive commandline does not seem to save output; only your input is saved (in ~/.python_history), and can be reused in later sessions. As for pycharm, I don't know but since there is no way to view older session output, there's probably no reason to save it after a console window is closed.

As @Thunder wrote, you can avoid this particular problem by writing the passwords into a file, or even putting it directly in your system's clipboard. Clipboard management has its own exposures, but as long as the password is on your computer, it will be exposed somewhere.

But are you right to be worried? An exploit that gains access to your computer can easily assume full control, and looking for generated passwords in random places is certainly low on an attacker's list of priorities-- if anything, a worse-case attack with full access to your environment would be more likely to monitor keyclicks and snap to attention when you are about to authenticate to a known target like a bank, facebook, etc.

So my advice is: Don't worry too much about it. Close the console window after you generated the password, manage passwords securely from there on down (i.e. use a password manager), and use good practices and common sense to keep your computer from being pwned.

alexis
  • 48,685
  • 16
  • 101
  • 161