How to securely store database password in Python?

Well, one way of doing this is putting the passwords in a separate config/ini file that is not deployed with the project. And then, pass the path of this file to the main entry of the application, e.g.:

python main.py --config=/path/to/config.ini

Note that you'll need to parse this --config argument (see argparse) and then read and parse the config.ini file.

Update: Since you mentioned web applications, there is also another way of passing configuration information - through the environ. For example, if you use mod_wsgi, you can put this in the wsgi directives:

SetEnv my_namespace.some_param some_value

And then, this value will be accessible in the application through os.environ:

import os
os.environ['my_namespace.some_param']
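
The --config approach from the answer above, as an added example that is not part of the original answer: it parses the argument with argparse, refuses a config file that group or other users can access, and reads the credentials with configparser. The `[database]` section name, the key names and the sample values are assumptions made for this example.

```python
import argparse
import configparser
import os
import stat
import tempfile

REQUIRED_KEYS = ("host", "user", "password", "name")  # assumed key names


def load_db_settings(path, section="database"):
    """Read DB credentials from an INI file kept outside the project tree."""
    st = os.stat(path)
    # Refuse a file that group or other users can read or write (POSIX modes).
    if os.name == "posix" and st.st_mode & (stat.S_IRWXG | stat.S_IRWXO):
        raise PermissionError(
            f"{path} has mode {stat.S_IMODE(st.st_mode):o}; expected 600")
    # interpolation=None so a '%' in a password is taken literally.
    parser = configparser.ConfigParser(interpolation=None)
    with open(path, encoding="utf-8") as fh:
        parser.read_file(fh)
    if not parser.has_section(section):
        raise KeyError(f"missing [{section}] section in {path}")
    missing = [k for k in REQUIRED_KEYS if not parser.has_option(section, k)]
    if missing:
        raise KeyError(f"missing keys in [{section}]: {', '.join(missing)}")
    return {k: parser.get(section, k) for k in REQUIRED_KEYS}


def parse_args(argv=None):
    ap = argparse.ArgumentParser(description="main entry point")
    ap.add_argument("--config", required=True, help="path to config.ini")
    return ap.parse_args(argv)


def write_sample_config(mode=0o600):
    """Create a constructed sample config.ini for the demo; returns its path."""
    fd, path = tempfile.mkstemp(suffix=".ini")
    with os.fdopen(fd, "w", encoding="utf-8") as fh:
        fh.write("[database]\nhost = localhost\nuser = app\n"
                 "password = s3cr%t-constructed\nname = appdb\n")
    os.chmod(path, mode)
    return path


if __name__ == "__main__":
    import sys
    # With no arguments, run against the constructed sample file.
    argv = sys.argv[1:] or ["--config", write_sample_config()]
    settings = load_db_settings(parse_args(argv).config)
    # Never print the password itself; show only which keys were loaded.
    print("loaded:", sorted(settings))
```

With configparser's default interpolation, the `%` in the sample password would raise an error on read, which is why it is disabled here.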
Author by

dotancohen

Updated on June 21, 2022

Comments

  • dotancohen
    dotancohen almost 2 years

    In PHP the accepted way to secure database login credentials is to store them outside the web root, and to include() the files with the passwords. How are MySQL database login credentials safely stored in Python applications?

    • hakre
      hakre almost 11 years
      What have you found out so far? Looking into PHP applications seems useless if you want to learn about practices in Python in my eyes. And luckily there is a lot of Python code floating around, so what has your research covered up?
    • dotancohen
      dotancohen almost 11 years
      I mentioned the PHP best practice as it is an environment that I am familiar with. As for Python, I've found only suggestions to obfuscate the password (base64 or the like), and to ensure that the Python file is not readable by others (0700 permissions). I ask here if there is a better way.
    • northben
      northben about 9 years
      I use the keyring library (pypi.python.org/pypi/keyring) and store the actual credentials in the OS's credential storage utility. It's very easy to implement, and it seems quite secure to me.
    • dotancohen
      dotancohen about 9 years
      @northben: Thanks, that does look like a good possibility.
  • amanb
    amanb about 6 years
    Another possibility is to use configparser to parse contents of a config.ini file.