Python Forum

Python Forum > Python Coding > Homework > Using hashlib for user password
Full Version: Using hashlib for user password
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

seadoofanatic

Mar-02-2018, 05:54 PM
So I have to hash a user entered password and then write the hashed password to a file. The code I have puts the clear text password into the file not the hash.
This is my code for my function
import hashlib

def writeHashedPswd(password):
    
    
   # try:
        myhash = hashlib.md5(password)
        myfile = open("password.txt", "w")
        myfile.write(password + '/n')
        password = myhash.hexdigest()
        myfile.close()
      
        myfile = open("password.txt", "a")
        myfile.write("an error occured.")
        myfile.close()
Code for program file
import a8

password = raw_input('Enter your password: ')
a8.writeHashedPswd(password)
What am I missing? Thanks!

Gribouillis

Mar-02-2018, 07:36 PM
At line 9 you are writing the password into the file.

seadoofanatic

Mar-04-2018, 03:54 PM
Do I need to remove line 9 then?
(Mar-02-2018, 07:36 PM)Gribouillis Wrote: [ -> ]At line 9 you are writing the password into the file.

wavic

Mar-04-2018, 04:39 PM
I don't know what is the purpose of this but hashing a password with md5 is dangerous. Use at least sha256. Which is not safe too. With a proper hardware is not so time-consuming to find the password.

Look at argon2id or argon2i with at least 3-5 passes.

Ah, Homework forum... Sorry!

DeaD_EyE

Mar-04-2018, 04:48 PM
Please use pbkdf2 from hashlib.
Use as 64bit salt and a sha512 as algorithm for example. Md5 is for security a nightmare. Plase tell this your teacher. Don not use md5 to hash passwords.
Python Forum > Python Coding > Homework > Using hashlib for user password