Hiding and encrypting passwords in Python?

There are various Python modules that are used to hide the user’s inputted password, among them one is maskpass() module. In Python with the help of maskpass() module and base64() module we can hide the password of users with asterisk(*) during input time and then with the help of base64() module it can be encrypted.

maskpass()

maskpass() is a Python module that can be used to hide passwords of users during the input time. The maskpass() modules also provides a secure way to handle the password prompt where programs interact with the users via terminal.

Installation:

Use pip to install maskpass in the command prompt.

pip install maskpass

These modules have 2 types of functions/methods:

• askpass()
• advpass()

askpass():

askpass uses the standard library to get non-blocking input and returns the password.

import maskpass
pwd = maskpass.askpass()

The above code execution will return the entered password in a string format. There are 2 optional arguments in askpass() method, which are ‘prompt’ and ‘mask’. The default value for the prompt is ‘Enter password :’ and the default value for the mask is asterisk(*).

Note: If you want to mask your password with a string, number or symbol then just pass that value in the mask. For example, if you want to mask your password with hashtag(#) then pass hashtag in mask i.e., mask=”#”, now when the user will enter the password then that password will be hidden with hashtag(#).  

Example 1: Without echoing the password of a user in a prompt

Output:

F:\files>python password.py
Enter Password :
greeksforgreeks

In the above example, the user’s password is not echoed in a prompt while inputting the password because the value assigned in the mask is null i.e. mask=””(no spacing) hence the password is hidden without any string, symbol.

Example 2: Echoing password of user in a prompt

Output:

F:\files>python password.py
Password:###############
greeksforgreeks

In the above example, user’s password will be echoed in a prompt while inputting the password because the value assigned in the mask is hashtag(#) i.e. mask=”#” therefore when the user will enter the password, it will be hidden with a hashtag(#). 

advpass():

advpass uses pynput to get text and returns the password. advpass works in both console and also in Spyder.

import maskpass
pwd = maskpass.advpass()

Here also above code execution will return the entered password in a string format. There are 4 optional arguments in advpass() method, they are ‘prompt’, ‘mask’, ‘ide’, and ‘suppress’.

• Here also default value for prompt is ‘Enter password:’
• The default value for mask is asterisk(*).
• Here ide expects a boolean value i.e., true or false, the default value of ide is False. There is no need to change the value of ide because it’s automatically checked whether it’s running on IDE or terminal.
• suppress also expects a boolean value i.e., true or false, is used only in Spyder IDE. Setting this as True prevents the input from being passed to the rest of the system. This prevents the Spyder console from jumping down when space bar is pressed. The default value for suppress is True.

advpass() method has a revealing feature that will toggle the visibility of the user’s entered password when the Left-Ctrl key is pressed. Press the Left-Ctrl key again to mask/hide the password. Note: This works only with advpass() and needs pynput.

Example 1: Without press of left ctrl key while inputting the password

Output:

F:\files>python password.py
Enter Password: ***************
Password : greeksforgreeks

In the above output the password is hidden with asterisk(*) symbol because a user has not pressed the left ctrl key on the keyboard.

Example 2: With press of left ctrl key while inputting the password:

Output:

F:\files>python password.py
Enter Password: greeksforgreeks
Password : greeksforgreeks

In the above output, the password is not hidden because a user has pressed the left ctrl key on the keyboard.

base64()

The base64 encode and decode function both require a byte-like object. To convert a string into bytes, we must encode a string using Python’s built-in encode function. Mostly UTF-8 encoding is used, you can also use ‘ASCII’ to encode but I recommend using UTF-8 encoding.

Output:

F:\files>python strencode.py
b'greeksforgreek'

here b prefix denotes that the value is a byte object.

Encoding the string using base64() module:

To encode the string i.e. to convert the string into byte-code, use the following method:

base64.b64encode(‘string’.encode(“utf-8”))  

Decoding the byte-code using base64() module:

To decode the byte-code i.e. to convert the byte-code again into a string, use the following method:

base64.b64decode(‘byte-code’).decode(“utf-8”)

Example:

Output:

F:\files>python base64.py
str-byte : b'R3JlZWtzZm9yR3JlZWtz'
byte-str : GreeksforGreeks

In the above example, “GreeksforGreeks” the string is firstly encoded using base64 module i.e. string is converted into byte-code and then with help of base64 module again the byte-code is decoded into its original string i.e. “GreeksforGreeks”.

Hide the user’s password during the input time

Output:

F:\files>python "userLogin.py"
========Create Account=========
Username : Rahulraj
Password : *****

=========Login Page===========
Username : Rahulraj
Password : *****
Successfully logged in.