
How to securely retrieve a password of an added user?


I’m developing a Flask app where users are preregistered by admins, so I use the Flask-Admin panel, where an admin can perform CRUD operations on various tables, including the "user" table. When adding a new user, the program generates a password, hashes it, and stores it in the database. The question is how to retrieve the actual password of this added user account for the admin, so they can share it with the user for login.

I considered a few options but I'm not sure which one would be the best approach:

  1. Display the password directly on the page.

  2. Send email to an admin with the password.

  3. Send an email with an attached encrypted file which contains the password (in this case the website would somehow have to send/show the decryption password to the admin).

So which option (of course you can suggest others, if you consider them better than those mentioned) would be both secure and convenient?


Solution

  • Do not send the password in clear text to the user or admin, or display it on screen. The best practice is to disable login by default when the account is generated. Generate a random hashed string and send it to the user as an OTP, or send a reset-password link with a confirmation code. When the user clicks the link or validates the OTP, send him/her to a set-password page. Once this forced password change is done successfully, the user account can be enabled and login can be allowed.
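The flow the answer describes (account created disabled, single-use expiring setup token, forced password set, then enable), as an added standard-library example that is not from the question or the answer; the in-memory `db` dict, the 24-hour TTL and the PBKDF2 parameters are assumptions standing in for the app's real ORM model and `werkzeug.security` helpers.

```python
import hashlib
import hmac
import os
import secrets
import time

TOKEN_TTL = 24 * 3600  # assumption: a set-password link is valid for 24 hours


def hash_password(password, salt=None):
    """PBKDF2-SHA256, stored as 'salthex$hashhex' (stand-in for generate_password_hash)."""
    salt = salt or os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)
    return salt.hex() + "$" + dk.hex()


def check_password(password, stored):
    salt_hex, dk_hex = stored.split("$", 1)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), bytes.fromhex(salt_hex), 200_000)
    return hmac.compare_digest(dk.hex(), dk_hex)


def create_user(db, email, now=None):
    """Admin action: create the account disabled with no usable password.
    Returns the one-time token to embed in the emailed set-password link;
    only its SHA-256 is stored, so reading the table never yields a usable secret."""
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(32)
    db[email] = {
        "enabled": False,
        "password_hash": None,
        "setup_token_hash": hashlib.sha256(token.encode()).hexdigest(),
        "setup_token_expires": now + TOKEN_TTL,
    }
    return token


def complete_setup(db, email, token, new_password, now=None):
    """User follows the link: check expiry and token (constant time), set the
    password, burn the token so it is single use, then enable login."""
    now = time.time() if now is None else now
    user = db.get(email)
    if not user or user["setup_token_hash"] is None or now > user["setup_token_expires"]:
        return False
    presented = hashlib.sha256(token.encode()).hexdigest()
    if not hmac.compare_digest(presented, user["setup_token_hash"]):
        return False
    user["password_hash"] = hash_password(new_password)
    user["setup_token_hash"] = None
    user["enabled"] = True
    return True


def login(db, email, password):
    """Login succeeds only once the account is enabled and a password has been set."""
    user = db.get(email)
    return bool(user and user["enabled"] and user["password_hash"]
                and check_password(password, user["password_hash"]))
```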