[Tutor] managing sensitive data
Alex Kleider
alexkleider at gmail.com
Tue Mar 30 21:20:21 EDT 2021
Thank you to all who replied and offered suggestions.
Cheers,
Alex
On Tue, Mar 30, 2021 at 9:17 AM Alan Gauld via Tutor <tutor at python.org> wrote:
> On 30/03/2021 16:37, Alex Kleider wrote:
>
> > "How do I manage sensitive credentials in my Python code?"
>
> > I've faced this problem [1] and solved it by putting the 'sensitive' data
> > (passwords) into dot files in my home directory with strict permission
> > settings. I've not tested it but assume that the code will fail when
> > trying to read such a file if the one running the code doesn't have
> > permission to read it.
>
> One obvious addition is to encrypt the sensitive data.
> Of course if these are passwords to another system you
> need some form of decryption too, which tends to reduce
> the strength of the encryption possible.
>
> Another option is to store the data in a database
> rather than a file. The database then needs its own login
> credentials to access it and the format of native database
> files tends to be harder to hack than text files (or even
> regular bespoke binary files).
>
> At work we always used a database to store the encrypted
> credentials and then stored the database on an encrypted
> file system. That way there were 2 levels of encryption
> plus two levels of access control to get at them.
>
> --
> Alan G
> Author of the Learn to Program web site
> http://www.alan-g.me.uk/
> http://www.amazon.com/author/alan_gauld
> Follow my photo-blog on Flickr at:
> http://www.flickr.com/photos/alangauldphotos