1

I want to generate my Python code in a setup.exe. The user stores an email password in the script. My question: Do I have to additionally encrypt this password, even though I create an * .exe file.

def load_settings(self): # print(__file__) # print(os.path.dirname(__file__)) pf = os.path.dirname(__file__) pa = os.path.join(pf, "settings.json") # print(pa) if os.path.exists(pa): # print("Pfad existiert") with open(pa, "r") as infile: data = json.load(infile) self.ein.pfadbez.setText(data["pfad"]) self.ein.name.setText(data["name"]) self.ein.mail.setText(data["mail"]) self.ein.ausgangserver.setText(data["smtp"]) self.ein.port.setText(data["port"]) self.ein.login.setText(data["login"]) self.ein.passwort.setText(data["pw"])
Improve this question
3
  • 1
    What do you mean by "I want to generate my Python code in a setup.exe" Commented Feb 27, 2020 at 11:07
  • Text in an executable is not encrypted. However, an executable cannot generally be opened just like any plain text file, so, as always, there is a layering of "safety". It is depending on the tenacity of those wanting to know your password versus how difficult it is to get. Commented Feb 27, 2020 at 11:25
  • Just make use of the bycrpt library to encrypt your password, it is very solid. You might also want to make use of getpass inbuilt python library in your code to hide the password from view while it is being entered(typed) by the user. With this whether the password is stored in your code or in a file or database, with bcrypt it will be securely hashed Commented Feb 27, 2020 at 13:42

2 Answers 2

Reset to default
1

From the way you worded your question, it sounds like you want a user to store a password within the code itself, or in a text file. Variables are called variables because they vary - a password won't be saved between executions unless stored in plain text, which is where encryption will be needed.

Further, generating Python code from a Windows executable will still require that Python code to be put somewhere for execution, and since Python is fundamentally open-source, hiding it in a compiled package won't do much.

Going about text encryption is simple - since you're on Windows, you could use Pycryptodomex, which will simplify the process of encrypting text. This tutorial could help.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Setup.exe means: I want to generate my Python project in an * .exe file so that the user of my project can run the program without installing Python. In the program, the user must make settings that are saved in a file called settings.json. This settings.json also contains the email password with which the user can send data. This password must be encrypted. Is there any other way than to save the settings in a setting.json?
0

Here's my code:

 from cryptography.fernet import Fernet import pyperclip print("For this program to work, please send the file named 'pwkey' and the encrypted code to the other user.") key = Fernet.generate_key() file = open('pwkey', 'wb') file.write(key) file.close() print('File Generated') original = input('Enter message>>>') message = original.encode() f = Fernet(key) encrypted = f.encrypt(message) encrypted = encrypted.decode("ascii") print('Encrypted:', encrypted) pyperclip.copy(encrypted) print('Please tell the other user to input the encrypted code in the Decrypt program') print('(Code copied to Clipboard)') print("Note: Please delete the 'pwkey' file after sending it to the other user. It is for one-time use only.") And decrypting # Decrypt from cryptography.fernet import Fernet print("For this program to work, make sure you have the file named 'pwkey' in your Python folder and the encrypted " "code.") file = open('pwkey', 'rb') key = file.read() file.close() print('Key Retrieved') encrypted = input('Please input your encrypted code>>>') encrypted = bytes(encrypted, 'utf-8') f = Fernet(key) decrypted = f.decrypt(encrypted) decrypted = decrypted.decode() print('Decrypted Message:') print(decrypted) print("Note: Please delete the 'pwkey' file after getting the decrypted message.")
Improve this answer

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.