Programming Forums - View Single Post

hydroxide · Jul 29th, 2005, 12:15 AM

1/ You should compare encrypted/hashed strings only
2/ You should use library encryption rather than hand rolling your own.
3/ You should use library functions for other things too.

Do the following in the Interactive Interpreter (etc)

(Toggle Plain Text)

import md5
print md5.md5("InsertYourPasswordHere").hexdigest()

copy the output (in this case 66e37426a7ff13e2957b2eed7c26039b, but obviously it'll be different for a different password)

Then in your user code use:

(Toggle Plain Text)

from getpass import getpass
from md5 import md5
MYPASSWORDHASH = "66e37426a7ff13e2957b2eed7c26039b" # or whatever
def get_password():
    for i in range(3):
        password = md5(getpass("Enter your password: "))
        if password.hexdigest() == MYPASSWORDHASH:
            return True
    return False

def main():
    if get_password():
        print "Success"
        # do something here
    else:
        print "Failure"
        # do something else here

if __name__ == "__main__":
    main()

--OH.
[Ok, md5 is theoretically breakable... =]

Jul 29th, 2005, 12:15 AM	#11
hydroxide Programmer Join Date: Apr 2005 Posts: 73 Rep Power: 4	1/ You should compare encrypted/hashed strings only 2/ You should use library encryption rather than hand rolling your own. 3/ You should use library functions for other things too. Do the following in the Interactive Interpreter (etc) (Toggle Plain Text) import md5 print md5.md5("InsertYourPasswordHere").hexdigest() import md5 print md5.md5("InsertYourPasswordHere").hexdigest() copy the output (in this case 66e37426a7ff13e2957b2eed7c26039b, but obviously it'll be different for a different password) Then in your user code use: (Toggle Plain Text) from getpass import getpass from md5 import md5 MYPASSWORDHASH = "66e37426a7ff13e2957b2eed7c26039b" # or whatever def get_password(): for i in range(3): password = md5(getpass("Enter your password: ")) if password.hexdigest() == MYPASSWORDHASH: return True return False def main(): if get_password(): print "Success" # do something here else: print "Failure" # do something else here if __name__ == "__main__": main() from getpass import getpass from md5 import md5 MYPASSWORDHASH = "66e37426a7ff13e2957b2eed7c26039b" # or whatever def get_password(): for i in range(3): password = md5(getpass("Enter your password: ")) if password.hexdigest() == MYPASSWORDHASH: return True return False def main(): if get_password(): print "Success" # do something here else: print "Failure" # do something else here if __name__ == "__main__": main() --OH. [Ok, md5 is theoretically breakable... =]