Secure storage for passwords for admin scripts?

Thomas Krüger thomas.krueger at gmx.net
Tue Aug 10 17:28:21 CEST 2004


Max wrote:

> I have a collection of system admin scripts (on Win 2k) that I would
> like to automate the execution of. However, some of them require the
> use of logins with admin rights, and would therefore prefer not to
> store the IDs in the clear text of the source. If memory serves
> correctly, the "compiled" .pyc files do not provide much security in
> this area.
> 
> Are there are recommended methods for supplying scripts with login
> information in a secure fashion?

Compiled Python scripts can be decompiled pretty easy. So they will not give
any security at all.
To store the password securely you can hash them with an algorithm like MD5.
For authentication you also hash the entered password and compare it with
the stored hash.

Thomas



More information about the Python-list mailing list