Share your repls and programming experiences

← Back to all posts
Python Login System With Encryption
devcar80

This is a little login system a friend and I made in python. It decrypts, encrypts, and checks if the username is already taken. If you have any suggestions please feel free to leave them in the comments!

Thank you @cecook1022 for helping me with this wonderful project! I couldn't have done it without you.

Voters
user489
beasthunter0114
KaiWhite1
dillonjoshua68
AncientBison
techgeek680
metalcupcake5
JacobHallum
UnNamedNum
DevonCarson
Comments
hotnewtop
Zavexeon

This is cool! As a suggestion, maybe try hashing the passwords instead of encrypting and decrypting them.

Basically, a hash is an irreversible encryption. You hash the password they give, and store that.

When they want to login, you hash their password input and check it against the stored hash. If they match, the passwords are the same.

This makes it harder for people to break your encryption and also doesn't allow you to view their actual passwords (just a privacy thing).

Pandapip2

@Zavexeon https://en.wikipedia.org/wiki/Salt_(cryptography)
This is much more secure than plain hashes. The salt I use is hash(password+hash(username))

Zavexeon

@Pandapip2 Yes salting the hashes increases the security even more. I just use a randomly generated seed that I store.

staticvoidliam7

maybe encrypting and hashing? @Zavexeon

jawwson

I like this, but can you make it so that two usernames can't have the same password?

DevonCarson

@jawwson There shouldn't be a need to have each password be different. If you don't mind me asking why would that be necessary?

dillonjoshua68

for me, when it goes to typing the password, it doesn't enter; it gets stuck and won't type.

cecook1022

@dillonjoshua68 Thats because we used getpass! It doesnt echo your input, so while you type in your password it doesnt show it for added security!

dillonjoshua68
Roar123

Very nice! How does the program store user information for use after it has ended?

cecook1022

@Roar123 It writes all encrypted data(both usernames and passwords) directly to a binary file!

Foster_Bryant

Cool!

Pandapip2

Also, if you are going to use encryption to store passwords (still not recommended), use a .env file to store the key. More information here: https://repl.it/talk/ask/How-to-use-the-env-file/17121

Coder100

Why would you ever decrypt passwords? That just makes it insecure once people find out the function in encrypt.py

Nice work!