Share your repls and programming experiences

← Back to all posts
Login for Python
h
JordanDixon1 (371)

I made a login for Python. It needs work (Encryption isn't my strong suit.) but I'm still proud of it because I'm a "little" new to programming.

Commentshotnewtop
[deleted]

Just wanted to point out that base64 isn't encryption, it is encoding. You should look at hashing (bcrypt is the type used in 2019.)

JordanDixon1 (371)

@sanjaykdragon Ok, thanks for the tip. I updated the code to have bcrypt.

yassinelsayed (0)

what is the password?

JordanDixon1 (371)

@yassinelsayed this post is a little old so I am not sure, however, you can change the password using the code. In the meantime i will try to figure it out

JordanDixon1 (371)

@yassinelsayed Alright, I changed the password to abrahamlincoln.

JordanDixon1 (371)

@JordanDixon1 (password is not case sensitive)

yassinelsayed (0)

@JordanDixon1 Ok thank you, do you mind telling me how to change the password?

JordanDixon1 (371)

@yassinelsayed just go to a bcrypt generator site and encrypt your new password and copy it, then go to where it says mpassword = ""
And replace the inside of thr string with your passcode. When the login comes up, type in the unencrypted password and follow the instructions to change the password. The Master password you set can be used anytime you wqnt to login but forgot the password to change it. Useful for an admin and a client wanting to use the app but forgot thr password.

Tricksyz (18)

I made your login prompt more secure by encrypting your password in an MD5 and making uchoice so that it converts to MD5 and checks if the two hashes are the same. https://repl.it/@Tricksyz/detective-log-in

JordanDixon1 (371)

@Tricksyz Do you think theres a way to encrypt the data as well?

CSharpIsGud (643)

@Tricksyz That's not really more secure, its equivalent to just comparing the passwords. Now if we were talking authentication with a server, its redundant. anything you send over a HTTPS connections is encrypted for you. if its just HTTP then md5 wont help, to quote Wikipedia Although MD5 was initially designed to be used as a cryptographic hash function, it has been found to suffer from extensive vulnerabilities. It can still be used as a checksum to verify data integrity, but only against unintentional corruption.