[IPython-dev] Heads-up: no more plaintext passwords in the notebook

Fernando Perez fperez.net at gmail.com
Fri Nov 18 23:23:00 EST 2011

Hi all,

for those of you running a publicly-facing notebook server with a
password, we've just merged this:


Once you pull from master, you'll need to update the password in the
config file, as plaintext passwords are simply not supported anymore.
You can create the salted password in a python session with:

from IPython.lib import passwd

Do NOT do this in an ipython session, as it will log the plaintext to
your history!!!

You can call passwd() without without arguments and it will prompt you
for a password using the getpass module so it's not echoed back onto
your screen.  This will ensure that the plaintext password is never
visible nor logged.

In ipython:

In [1]: from IPython.lib.security import passwd; passwd()
Enter password:
Verify password:
Out[1]: 'sha1:e0209ae16e4e:b9a5d128ff961159b3bd66f7314d33305d60b5b0'

or from the shell:

longs[graphs]> python -c "from IPython.lib import passwd;print passwd()"
Enter password:
Verify password:

You can then replace your current plaintext passwords with this whole string.



More information about the IPython-dev mailing list