How to store passwords?
google at mrabarnett.plus.com
Wed Jan 7 23:00:12 CET 2009
> On Jan 8, 1:55 am, "Sebastian Bassi" <sba... at clubdelarazon.org>
>> In general you don't store the password, but a "hash" of it. Then
>> when the user logs-in, you hash it and compare the result with the
>> stored hash. About hash, use sha, look
> But the thing is that I will ask the user for user name and password
> only once i.e. when they start the application for the first time.
> After that, I'm not supposed to ask the user name and password again.
> So in this scenario, if I store a hash on the disk I cannot retrieve
> plain-text string back from my hash as I've to send user name and
> password to the server in plain-text.
Is the application itself password-protected? If not, then there's no
point in encrypting the username and password for the server in a file
because anyone could just run the application after the first time and
use it to access the server.
More information about the Python-list