patternpythonMinor
Password Keeper/Generator
Viewed 0 times
generatorkeeperpassword
Problem
Is there anything I should add or change? Is it easy to follow? How could I shorten it?
How can I improve the overall program to make it a program you would use on a regular basis?
```
#Programmer: DeliriousMistakes
#Date: 10-17-15
#File: password.py
#This program lets you store and create passwords
import random
import shelve
print "Welcome to the account saver!"
def random_password():
"""Creates a new random password"""
print'\n'
account = raw_input("Account: ")
username = raw_input("Username: ")
digits_in_pass = raw_input("Length of password: ")
while not digits_in_pass.isdigit():
print "Incorrect input!"
digits_in_pass = raw_input("Length of password: ")
password = gen_password(int(digits_in_pass))
entry = finish_new_account(account, password, username)
print entry + '\n'
def manual_input():
"""Manually input a password"""
print'\n'
account = raw_input("Account: ")
username = raw_input("Username: ")
password = raw_input("Password: ")
entry = finish_new_account(account, password, username)
print entry + '\n'
def find_account():
"""Find an existing account"""
print '\n'
search = raw_input("For which account are you searching: ")
f = shelve.open("accounts.dat")
if search in f:
account = f[search]
print account
else:
print "I'm sorry we could not find any account related to " + search
print '\n'
f.close()
def finish_new_account(account, password, username):
"""Sends entry to save() and returns a message"""
entry = create_entry(account, password, username)
save(account, entry)
return "Save successful. " + "\n" + str(entry) + "\n"
def create_entry(account, password, username):
"""Creates the entry"""
return "Account: " + account + " - Username: " + username + " - Password: " + password
def save(account, entry):
"""Saves account"""
f = shelve.open("accounts.dat")
saves = [entry]
f[acc
How can I improve the overall program to make it a program you would use on a regular basis?
```
#Programmer: DeliriousMistakes
#Date: 10-17-15
#File: password.py
#This program lets you store and create passwords
import random
import shelve
print "Welcome to the account saver!"
def random_password():
"""Creates a new random password"""
print'\n'
account = raw_input("Account: ")
username = raw_input("Username: ")
digits_in_pass = raw_input("Length of password: ")
while not digits_in_pass.isdigit():
print "Incorrect input!"
digits_in_pass = raw_input("Length of password: ")
password = gen_password(int(digits_in_pass))
entry = finish_new_account(account, password, username)
print entry + '\n'
def manual_input():
"""Manually input a password"""
print'\n'
account = raw_input("Account: ")
username = raw_input("Username: ")
password = raw_input("Password: ")
entry = finish_new_account(account, password, username)
print entry + '\n'
def find_account():
"""Find an existing account"""
print '\n'
search = raw_input("For which account are you searching: ")
f = shelve.open("accounts.dat")
if search in f:
account = f[search]
print account
else:
print "I'm sorry we could not find any account related to " + search
print '\n'
f.close()
def finish_new_account(account, password, username):
"""Sends entry to save() and returns a message"""
entry = create_entry(account, password, username)
save(account, entry)
return "Save successful. " + "\n" + str(entry) + "\n"
def create_entry(account, password, username):
"""Creates the entry"""
return "Account: " + account + " - Username: " + username + " - Password: " + password
def save(account, entry):
"""Saves account"""
f = shelve.open("accounts.dat")
saves = [entry]
f[acc
Solution
Security holes
-
The program generates passwords by calling
-
The passwords are stored using
-
The program generates passwords by calling
random.choice. But this is a pseudorandom function, which means that the passwords are predictable. You must use random.SystemRandom instead.-
The passwords are stored using
shelve. A shelve database is not encrypted. This means that anyone who can get hold of the accounts.dat file can read your passwords. The password file must be encrypted with a master password.Context
StackExchange Code Review Q#108434, answer score: 7
Revisions (0)
No revisions yet.