[英]Building a password algorithm, with password hashing
Questions/Problem问题/问题
I am attempting to make a password generator that will hash the password after displayed to the user and stores it in a file that it makes the first time it is ran.我正在尝试制作一个密码生成器,它将 hash 显示给用户后的密码并将其存储在第一次运行时创建的文件中。 I am not sure how to go about doing this or how to do this.我不知道如何 go 关于这样做或如何做到这一点。 I tested out a few password generators and ended up going with the one shown below.我测试了一些密码生成器,最终选择了下面显示的那个。 So far I have tried to hash with SH 256 and was unable to get that to work, along with bcrypt.到目前为止,我已经尝试使用 SH 256 进行 hash 并且无法使其与 bcrypt 一起工作。
Code代码
from random import choice, randint
import string
characters = string.ascii_letters + string.ascii_lowercase + string.ascii_uppercase + string.digits + string.hexdigits + string.punctuation + string.octdigits
password = "".join(choice(characters) for x in range(randint(25,100)))
print(password)
this small example i hope it be useful这个小例子我希望它有用
import random
import string
from random import choice, randint
def get_random_string(length):
characters = string.ascii_letters + string.ascii_lowercase + string.ascii_uppercase +
string.digits + string.hexdigits + string.punctuation + string.octdigits
result_str = ''.join(random.choice(characters) for i in range(length))
print("the hasheds password is:", result_str)
get_random_string(8)
get_random_string(8)
Here is a working example using hmac
with sha256
这是一个使用带有sha256
的hmac
的工作示例
import hashlib
import hmac
import string
from random import choice, randint
characters = string.ascii_letters + string.ascii_lowercase + string.ascii_uppercase + string.digits + string.hexdigits + string.punctuation + string.octdigits
password = "".join(choice(characters) for x in range(randint(25, 100)))
print(password)
SECRET = 'this is my secret'
def hash_password(pw):
hashed_password = hmac.new(
SECRET.encode(),
msg=pw.encode(),
digestmod=hashlib.sha256
).hexdigest().upper()
return hashed_password
password_file = 'test.password'
with open(password_file, 'w') as f:
f.write(hash_password(password))
user_supplied = input('Enter the password supplied: ')
with open(password_file, 'r') as f:
print(f"Does match? {f.read() == hash_password(user_supplied)}")
Here is an example run这是一个示例运行
bXFREVkOJ~PDUBEfSkUcK[W6s~yDcDzdCi*SjxOc6T79a5[7s\P0i|)yh#'rK6nzB@CEDX1T7Umc-OOEi
Enter the password supplied: bXFREVkOJ~PDUBEfSkUcK[W6s~yDcDzdCi*SjxOc6T79a5[7s\P0i|)yh#'rK6nzB@CEDX1T7Umc-OOEi
Does match? True
This is what I use:这就是我使用的:
import hashlib
import bcrypt
import base64
import string
from random import choice
def encrypt_password(password):
password = password.encode('utf-8')
if len(password) > 72:
password = base64.b64encode(hashlib.sha256(password).digest())
return bcrypt.hashpw(password, bcrypt.gensalt()).decode('ascii') # 60 characters long
def verify_password(password, encrypted_password):
hashed = encrypted_password.encode('ascii')
password = password.encode('utf-8')
if len(password) > 72:
password = base64.b64encode(hashlib.sha256(password).digest())
return bcrypt.checkpw(password, hashed)
def generate_password(length=16, chars=string.ascii_letters+string.digits+string.punctuation):
return ''.join([ choice(chars) for i in range(length) ])
password = generate_password()
encrypted_password = encrypt_password(password)
print(password, encrypted_password)
print(verify_password(password, encrypted_password))
Prints:印刷:
SL6X95n4rk<[VHK_ $2b$12$q6DfXygpSFW3JI9EQXJmm.wy8ZhhJiJ6mK907bHJXnv8XQdEe9ofG
True
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.