How to encrypt password and login in txt file?

S

SANTIK_YT2021-12-28 10:11:23

Python

SANTIK_YT, 2021-12-28 10:11:23

In short, I created a type of registration and an entrance, and when we register, a txt document is created and there the login and password are written, I want to encrypt it, and when I need to enter, it was decrypted, read and encrypted back. it is desirable to insert the script into the code:

from tkinter import *
from tkinter import messagebox
import tkinter as tk
from cryptography.fernet import Fernet
import pickle

root = Tk()
root.geometry("300x300")
# root.geometry("300x500")
root.title("Login panel")
root.resizable(width=False, height=False)
Tag1 = Label(text="Login Panel By SANTIK", fg='#0c0')
Tag1.pack()

def registration():
    reg_win = Toplevel(root)
    reg_win.geometry("300x300")
    reg_win.title("Login panel")
    reg_win.resizable(width=False, height=False)
    Tag2 = Label(reg_win, text="Login Panel By SANTIK", fg='#0c0')
    text_log = Label(reg_win,text="Введите ваш логин:")
    registr_login = Entry(reg_win, )
    text_password1 = Label(reg_win, text="Введите ваш пароль:")
    registr_password1 = Entry(reg_win, )
    text_password2 = Label(reg_win, text="Подтвердите пароль:")
    registr_password2 = Entry(reg_win, show="*")
    button_registr = Button(reg_win, text="Зарегестрироваться!", command=lambda: save())
    Tag2.pack()
    registr_login.pack()
    text_password1.pack()
    registr_password1.pack()
    text_password2.pack()
    registr_password2.pack()
    button_registr.pack()
    def save():
        text_log = Label(reg_win, text="Поздравляем! Теперь вы можите войти в систему!")
        text_log.place(x=10,y=145)
        key = Fernet.generate_key()
        login_pass_save = {}
        login_pass_save[registr_login.get()]=registr_password1.get()
        f = open("login.txt", "wb")
        pickle.dump(login_pass_save, f)
        f.close()

def login():
    log_win = Toplevel(root)
    log_win.geometry("300x300")
    log_win.title("Login panel")
    log_win.resizable(width=False, height=False)
    Tag3 = Label(log_win, text="Login Panel By SANTIK", fg='#0c0')
    text_enter_login = Label(log_win, text="Введите ваш логин:")
    enter_login = Entry(log_win, )
    text_enter_pass = Label(log_win, text="Введите ваш пароль:")
    enter_password= Entry(log_win, show="*")
    button_enter = Button(log_win, text='Войти', command=lambda: log_pass())
    Tag3.pack()
    text_enter_login.pack()
    enter_login.pack()
    text_enter_pass.pack()
    enter_password.pack()
    button_enter.pack()

    def toggle_password():
        if enter_password.cget('show') == '':
            enter_password.config(show='*')
            toggle_btn.config(text='Показать пароль')
        else:
            enter_password.config(show='')
            toggle_btn.config(text='Спрятать пароль')
    toggle_btn = tk.Button(log_win, text='Показать пароль', width=20, command=toggle_password)
    toggle_btn.place(x=65,y=135)

    def log_pass():
        f = open("login.txt", "rb")
        a = pickle.load(f)
        f.close()
        if enter_login.get() in a:
            if  enter_password.get() == a[enter_login.get()]:
                messagebox.showinfo("Вход выполнен!","Вход успешный! Поздравляю!")
            else:
                messagebox.showerror("Ошибка входа!","Логин или пароль не верный! Проверте их на наличие ошибки!")
        else:
            messagebox.showerror("Ошибка входа!","Логин или пароль не верный! Проверте их на наличие ошибки!")


button_reg = Button(root, height=10, width=18, text="Зарегистрироваться!", command=registration)
button_reg.place(x=5, y=50)
button_log = Button(root, height=10, width=18, text="Войти!", command=login)
button_log.place(x=150, y=50)


root.mainloop()

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

A

Alexey Cheremisin, 2021-12-28
@SANTIK_YT

Passwords do not need to be encrypted! You need to store the salt + password hash.
When comparing, separate the salt, xpshare the user's password with this salt, and compare the resulting hash with the existing one.

import hashlib, uuid
salt = uuid.uuid4().hex
hashed_password = hashlib.sha512(password + salt).hexdigest()

#!/usr/bin/python3
import hashlib, uuid

SEPARATOR = "&"
# generate hash string with salt
def gen_hash(pwd, salt):
    return hashlib.sha512(pwd + salt).hexdigest()

# generage hash password string (for safe to file)
def gen_pw_string(pwd):
    salt = uuid.uuid4().hex
    return salt + SEPARATOR + gen_hash(pwd, salt)

# parse hash password string, split it by salt and password hash
def parse_pw_string(pwstring):
    return pwstring.split(SEPARATOR)

# check password by its password hash string
def check_pwd(pwd, pwstring):
    salt, _pwhash = parse_pw_string(pwstring)
    pwhash = gen_hash(pwd, salt)
    return pwhash == _pwhash


### test time!

pwd1 = "123456"
pwd2 = "qwerty"

# genetate hash strings (may be saved to file or DB)
pwstring1 = gen_pw_string(pwd1)
pwstring2 = gen_pw_string(pwd2)
print(pwd1, pwstring1)
print(pwd2, pwstring2)

# check passwords
# must be True
print(check_pwd(pwd1, pwstring1))
print(check_pwd(pwd2, pwstring2))
# must be False
print(check_pwd(pwd1, pwstring2))
print(check_pwd(pwd2, pwstring1))

('123456', 'f2b56ad9006a475e8c4f9b64446c3f5b&46c2d252a2667cc4b5a754ef5816e981570fd4bd9ced3ed1a6f6aaeae8ae83b795d6ffb66b3fe34650469b1c0d537785c2611157d41ebee6e54dc09527600a0c')
('qwerty', 'f2b56ad9006a475e8c4f9b64446c3f5b&3da9c4223c9fa2c66f5d70432401db14a89ddfe6feb99423083d152f98ef199d484b95b09a6535c766f28223c422cd1d862250867c12c7077144564b5c3fbc79')
True
True
False
False