How to store passwords?

"Martin v. Löwis" martin at v.loewis.de
Wed Jan 7 18:25:45 EST 2009


> I'm writing a program in which I will ask users to enter user name and
> password once only. It's a console based program that will run on
> Windows XP. Actually, I'm trying to provide the similar functionality
> as "Remember me" thing in browsers. For that, I will need to store
> user name and passwords on the disk. I don't have a background in
> Crypto so how do you suggest I do that? 

Here is how the "Remember me" thing in browsers works:

1. The user *has* to pick a "master password". It can't work
   without (ignoring smartcards etc.).
2. The browser uses the master password to encrypt the many
   individual passwords that the user needs.
3. When the user navigates to a password protected site, the
   browser checks whether it has a cached password, and uses
   the master password to restore the encrypted site password.

In interaction, several cases can occur:

A1. site never seen, no master password entered
    - ask user for site password, and whether to
      store password
    - ask user for master password
    - encrypt site password, and store on disk
    - remember master password in memory
A2. site seen before, no master password entered
    - ask for master password, then continue with B2
B1. site never seen, master password entered
    - ask user for site password, and whether to store it
    - (if store) encrypt site password, store on disk
B2. site seen before, master password entered
    - load encrypted password from disk, decrypt with
      master password, send to site

The "encrypt" and "decrypt" operations are "symmetric",
so what you need is a symmetric encryption algorithm.

If you absolutely cannot accept additional algorithms,
you can implement XOR password encryption yourself:
Compute, letter-for-letter, the exclusive or of the
site password and the master password; if you run out
of master password letters, start over with the first
one. Notice that this algorithm is very poor, and can
be cracked by a crypto expert easily, given a few
encrypted passwords.

If you want a good algorithm, you might choose AES,
with pure-Python implementations available here:

http://bitconjurer.org/rijndael.py

A simpler, yet supposedly secure algorithm is TEA:

http://mail.python.org/pipermail/python-list/2002-August/159138.html

Regards,
Martin
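The scheme Martin sketches (one master password, salted and stretched into a key, protecting many encrypted site passwords on disk) as an added Python example; this is not code from the original post. It uses only the standard library, so an HMAC-SHA256 counter-mode keystream plus a MAC stands in for AES (assumption: a real program would use AES from a crypto library), and a dict stands in for the on-disk file.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # slow KDF: a stolen store cannot be brute-forced cheaply


def derive_keys(master: str, salt: bytes) -> bytes:
    # 64 bytes: first half drives the keystream, second half the MAC.
    return hashlib.pbkdf2_hmac("sha256", master.encode(), salt, ITERATIONS, 64)


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # Counter-mode keystream from HMAC-SHA256 (stdlib stand-in for AES).
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), "sha256").digest()
        counter += 1
    return out[:length]


def encrypt(keys: bytes, plaintext: bytes) -> bytes:
    nonce = os.urandom(16)  # fresh per entry, so equal passwords differ on disk
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(keys[:32], nonce, len(plaintext))))
    tag = hmac.new(keys[32:], nonce + ct, "sha256").digest()  # detects tampering
    return nonce + ct + tag


def decrypt(keys: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(keys[32:], nonce + ct, "sha256").digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("wrong master password or corrupted entry")
    return bytes(a ^ b for a, b in zip(ct, _keystream(keys[:32], nonce, len(ct))))


class PasswordStore:
    """unlock() covers cases A1/A2; store() is B1, fetch() is B2."""

    def __init__(self, disk: dict):
        self.disk = disk  # dict standing in for the on-disk file (constructed)
        self.disk.setdefault("salt", os.urandom(16))
        self.keys = None  # master password lives in memory only as derived keys

    def unlock(self, master: str) -> None:
        self.keys = derive_keys(master, self.disk["salt"])

    def store(self, site: str, password: str) -> None:
        self.disk[site] = encrypt(self.keys, password.encode())

    def fetch(self, site: str) -> str:
        return decrypt(self.keys, self.disk[site]).decode()
```

A wrong master password fails the MAC check and raises instead of returning garbage, and each stored entry carries its own random nonce, so two sites with the same password do not produce the same bytes on disk.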