How to store passwords?
"Martin v. Löwis"
martin at v.loewis.de
Thu Jan 8 00:25:45 CET 2009
> I'm writing a program in which I will ask users to enter user name and
> password once only. It's a console based program that will run on
> Windows XP. Actually, I'm trying to provide the similar functionality
> as "Remember me" thing in browsers. For that, I will need to store
> user name and passwords on the disk. I don't have a background in
> Crypto so how do you suggest I do that?
Here is how the "Remember me" thing in browsers works:
1. The user *has* to pick a "master password". It can't work
without (ignoring smartcards etc.).
2. the browser uses the master password to encrypt the many
individual passwords that the user needs.
3. when the user navigates to a password protected site, the
browser checks whether it has a cached password, and uses
the master password to restore the encrypted site password.
In interaction, several cases can occur
A1. site never seen, no master password entered
- ask user for site password, and whether to
- ask user for master password
- encrypt site password, and store on disk
- remember master password in memory
A2. site seen before, no master password entered
- ask for master password, then continue with B2
B1. site never seen, master password entered
- ask user for site password, and whether to store it
- (if store) encrypt site password, store on disk
B2. site seen before, master password entered
- load encrypted password from disk, decrypt with
master password, send to site
The "encrypt" and "decrypt" operations are "symmetric",
so what you need is a symmetric encryption algorithm.
If you absolutely cannot accept additional algorithms,
you can implement XOR password encryption yourself:
Compute, letter-for-letter, the exclusive or of the
site password and the master password; if you run out
of master password letters, start over with the first
one. Notice that this algorithm is very poor, and can
be cracked by a crypto expert easily, given a few
If you want a good algorithm, you might chose AES,
with pure-Python implementations available here:
A simpler, yet supposedly secure algorithm is TEA:
More information about the Python-list