基本上,我想要一个登录框,以及下次登录时记住密码的选项。我知道那里有加密模块,但它们首先需要密码才能工作。有没有办法获取用户用于登录计算机的密码,并使用它来加密我的应用程序的密码?
所以简而言之,我如何安全地存储密码以备后用。
我正在使用 python 3,我的程序需要是跨平台的。
基本上,我想要一个登录框,以及下次登录时记住密码的选项。我知道那里有加密模块,但它们首先需要密码才能工作。有没有办法获取用户用于登录计算机的密码,并使用它来加密我的应用程序的密码?
所以简而言之,我如何安全地存储密码以备后用。
我正在使用 python 3,我的程序需要是跨平台的。
听起来你需要钥匙圈:https ://pypi.python.org/pypi/keyring
You cannot get the password the user used to log in to the computer.
And, if you could, you would not want to store it.
In fact, the OS doesn't even have the user's password. The OS has a hash of it, and when the user logs in, it hashes what the user types and checks that it matches.
Also, if you ask the user to log in with their system password, any savvy user is going to immediately mistrust your app and refuse to use it. Make them create a password, and then login with that, not their system password. And don't save the password, save a hash, just like the OS does.
If you want to verify that they've been authenticated by the OS… well, you already know that, or they couldn't have logged in to run your app. (If you're building a network server that allows remote login based on local accounts, that's a different story, but it's not relevant to your use case, and complicated, so I won't get into it here.)
If you want to allow someone to "stay logged in", you don't do that by saving their password. Instead, you create some kind of hard-to-fake "session key" when they log in, and store that somewhere. They don't have to log in again until you destroy the session key (which you do when they log out).
The one exception to "never store passwords" is when you need to act as a "proxy" for the user to some other application that needs their password. A well-designed application will provide a way for you to proxy the login properly, but many applications are not well-designed. Web browsers have to do this all the time, which is why most web browsers have a "remember my password at this site" checkbox.
In this case, you do want to store passwords, ideally encrypted by the OS on your behalf (e.g., using OS X's Keychain APIs), or, if not, encrypted by you code using some key that's generated from the user's "master password" (which you don't store).
Unfortunately, there is no real shortcut to learning how to design for security—or, rather, there are all kinds of shortcuts, and taking any one of them means your entire system ends up insecure and all the work you put into trying to secure it ends up useless.
The easy solution is to use complete off-the-shelf solutions.
If you want to design things yourself, you need at least a basic grounding in all of the issues. Start with one of Bruce Scheneier's "pop" books, Secrets and Lies or Beyond Fear. Then read his Practical Cryptography on designing cryptosystems, and Applied Cryptography on evaluating crypto algorithms. Then, once you realize how much you don't know and how important it is, learn everything you need for your problem, and then you can think about solving it.
没有出路。如果应用程序不要求用户输入密码,那么它就没有安全地存储密码,它只是在做……“事情”。在这种情况下,不要给用户一种错误的安全感,使用明文。
一个值得注意的例外是 GNOME 登录密钥环(以及其他平台上的等效项)不要求输入密码,但它使用了一个技巧:它使用您的登录密码加密数据,并在您启动时使用相同的密码解密它们。
如果您正在使用本地客户端开发 Web 应用程序,请考虑使用 OAuth 而不是密码。