All geek questions in one place

Is there a way to access the keyboard in Windows without providing a master password?

I am developing a script with an employee that involves connecting to a database. We want to keep the code independent of the one that one of us uses, while keeping our passwords private and should not be authenticated again and again during the working day. After some searching (we are both new to Python) it seems like we can use keyring for this purpose, so I installed it from pip (most likely version 1.2.2 of the library based on my installation date memory).

The problem is that when I try to access my saved passwords, I am asked to set a master password to access keyring, as shown here (from IDLE):

>>> import keyring >>> keyring.set_password('Service', 'MyUsername', 'MyPassword') Warning (from warnings module): File "C:\Python27\lib\getpass.py", line 92 return fallback_getpass(prompt, stream) GetPassWarning: Can not control echo on the terminal. Warning: Password input may be echoed. Please enter password for encrypted keyring:

After setting the password, I can easily get and set passwords until I restart the shell. Now I have to enter the main password again:

 >>> ================================ RESTART ================================ >>> import keyring >>> print keyring.get_password('Service', 'MyUsername') Warning (from warnings module): File "C:\Python27\lib\getpass.py", line 92 return fallback_getpass(prompt, stream) GetPassWarning: Can not control echo on the terminal. Warning: Password input may be echoed. Please enter password for encrypted keyring:

After entering the master password, this authentication is saved only during the current session / between restarts. When running scripts from the command line, this is even worse - I have to authenticate every time the script starts. At the moment, keyring does not save me from time or effort, and I doubt that my password will be more secure and memorable and manual.

After searching for solutions, it looks like keyring is automatically authenticated on Unix if the master password matches the password of the user account, but this does not work for me on Windows.

Am I trying to get a keyring to do what he did not want to do, or is there only a mistake in my implementation?

My experience seems to conflict with the message of another user who claims that they are not prompted for a password when the application tries to access keyring in the corresponding question, How does python-keyring work on Windows?

+6
source share
1 answer

Which backend are you using? Check using:

 >>> from keyring import get_keyring >>> get_keyring() [... what is output here?]

If it outputs this:

 <keyring.backends.file.EncryptedKeyring object at 0x.....>

Then why does he ask for a password. It was not possible to find any specific trinkets for a specific platform in the module, so instead you simply encrypt your passwords with a master password and put them in a regular file.

For me personally, it’s more important that my scripts run unattended than my passwords, and I wrote this function:

 def configureKeyring(): """ EncryptedKeyring requires a master password to unlock it, which is not ideal for our scripts since we want them to run unattended. So if we're using EncryptedKeyring, automatically swap to a PlaintextKeyring instead. If we're using something else, say WinVaultKeyring, then that more secure than PlaintextKeyring without being any less convenient, so we'll use it. """ from keyring import get_keyring, set_keyring from keyring.backends.file import EncryptedKeyring, PlaintextKeyring if isinstance(get_keyring(), EncryptedKeyring): set_keyring(PlaintextKeyring())

Before using keyring to set_password or get_password , run this configureKeyring() function if you, like me, do not need to insert a master password so that your passwords are safe. Please consider the security implications that you keep your passwords in clear text before doing so.

The best long-term solution is to probably research all the other available backends and establish the correct prerequisites so that you can use another one if it exists where you do not need to enter the main password and just be enough to log in.

+1
source

Source: https://habr.com/ru/post/946034/

More articles:


All Articles