pythonpassword-encryptionpassword-hashpassword-generator

Building a password algorithm, with password hashing


Questions/Problem

I am attempting to make a password generator that will hash the password after displayed to the user and stores it in a file that it makes the first time it is ran. I am not sure how to go about doing this or how to do this. I tested out a few password generators and ended up going with the one shown below. So far I have tried to hash with SH 256 and was unable to get that to work, along with bcrypt.

Code

from random import choice, randint
import string

characters = string.ascii_letters + string.ascii_lowercase + string.ascii_uppercase + string.digits + string.hexdigits + string.punctuation + string.octdigits

password = "".join(choice(characters) for x in range(randint(25,100)))

print(password)

Solution

  • Here is a working example using hmac with sha256

    import hashlib
    import hmac
    import string
    from random import choice, randint
    
    characters = string.ascii_letters + string.ascii_lowercase + string.ascii_uppercase + string.digits + string.hexdigits + string.punctuation + string.octdigits
    
    password = "".join(choice(characters) for x in range(randint(25, 100)))
    
    print(password)
    
    SECRET = 'this is my secret'
    
    
    def hash_password(pw):
        hashed_password = hmac.new(
            SECRET.encode(),
            msg=pw.encode(),
            digestmod=hashlib.sha256
        ).hexdigest().upper()
        return hashed_password
    
    
    password_file = 'test.password'
    with open(password_file, 'w') as f:
        f.write(hash_password(password))
    
    user_supplied = input('Enter the password supplied: ')
    
    with open(password_file, 'r') as f:
        print(f"Does match? {f.read() == hash_password(user_supplied)}")
    

    Here is an example run

    bXFREVkOJ~PDUBEfSkUcK[W6s~yDcDzdCi*SjxOc6T79a5[7s\P0i|)yh#'rK6nzB@CEDX1T7Umc-OOEi
    Enter the password supplied: bXFREVkOJ~PDUBEfSkUcK[W6s~yDcDzdCi*SjxOc6T79a5[7s\P0i|)yh#'rK6nzB@CEDX1T7Umc-OOEi
    Does match? True