We help IT Professionals succeed at work.
Get Started

Python Password Encryption

Isaiah Melendez
on
140 Views
Last Modified: 2020-03-09
Hello, Experts,

I am new to the encryption world. I have some python experience under my belt but not much when it comes to encrypting passwords. I have compiled a python script that is very simple. It queries a directory > grabs a specific type of file > starts a FTP transmission > ends.

Currently, in testing, my python script has the URL, username, password in cleartext. For obvious reasons, I want to move away from that. What is the best practice to encrypt my data?

Assumptions:
  • Script will be downloaded from an FTP host to various machines
  • The script will be placed in a hidden dir
  • Service will run to kick off-script during an interval

It would make sense for me since this script will be deployed globally to encrypt password once, store in some sort of file, then reference later in the script.

I am looking for some pointers, examples, and best practices.

#import libraries
import os
import pysftp

# query for file to ftp
alr_file = '/Users/path/to/file/to_ftp'
ftpALR = []

def findFile():

    for item in os.listdir(alr_file):
        if item.endswith('.mdb'):
            ftpALR.append(alr_file + '/' + item)

# ftp transmission function
def ftpTransmit():
    # list ftp dir
    cnopts = pysftp.CnOpts()
    cnopts.hostkeys = None
    with pysftp.Connection(host='ftp.acme.com',
                              username='cloudUser',
                              password='NOT_A_REAL_PWD',
                              port=22,
                              cnopts=cnopts) as sftp:

        length = len(ftpALR)

        for i in range(length):
            sftp.put(ftpALR[i])


findFile()
ftpTransmit()

Open in new window

Comment
Watch Question
CERTIFIED EXPERT
Commented:
This problem has been solved!
Unlock 1 Answer and 6 Comments.
See Answer
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant

An Experts Exchange subscription includes unlimited access to online courses.

Get Started
Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE