当前位置:网站首页>A little thought about password encryption
A little thought about password encryption
2022-08-02 14:21:00 【Spaghetti Mixed with No. 42 Concrete】
A little thought on password encryption
How in the case that the database is leaked by the hijacking code,The user password will still not be cracked
With this question in mind, I wrote some code
from hashlib import sha256, sha512
test_pwd = 'testpassword123'
class CipherHandler(object):
""" Password encryption and password comparison """
# 密码盐
salt = "cvbjd%*vfjkse#fuei"
@classmethod
def encrypt(cls, pwd: str) -> str:
""" Randomly add salt first,use it twicesha256/sha512加密 :return: """
import random
randnum = random.randint(1, 3)
if randnum == 1:
salt_pwd = ''.join([cls.salt, pwd])
return cls._encryption(salt_pwd)
elif randnum == 2:
salt_pwd = ''.join([pwd, cls.salt])
return cls._encryption(salt_pwd)
elif randnum == 3:
pwd_list = list(pwd)
pwd_list.insert(randnum, cls.salt)
salt_pwd = ''.join(pwd_list)
return cls._encryption(salt_pwd)
@classmethod
def compare(cls, user_input_pwd: str,
database_storage_pwd: str
) -> bool:
""" 加密比对 :return: """
pwd_list = []
salt_pwd_one = ''.join([cls.salt, user_input_pwd])
pwd_list.append(cls._encryption(salt_pwd_one))
salt_pwd_two = ''.join([user_input_pwd, cls.salt])
pwd_list.append(cls._encryption(salt_pwd_two))
str_list = list(user_input_pwd)
str_list.insert(3, cls.salt)
salt_pwd_three = ''.join(str_list)
pwd_list.append(cls._encryption(salt_pwd_three))
if database_storage_pwd not in pwd_list:
return False
return True
@classmethod
def _encryption(cls, salt_pwd: str) -> str:
one_encryption = sha512((salt_pwd).encode('utf-8')).hexdigest()
enc_pwd = sha512((one_encryption).encode('utf-8')).hexdigest()
return enc_pwd
# 加密
print(CipherHandler.encrypt(test_pwd))
# 校验比对
print(CipherHandler.compare(test_pwd,'32b5b701ece1747eb90935fa55fe96983126a9683dbb1a537750fe5527eb3552ce13d31e2d2fad07fd8fe755794973221404e3a528dfa74ff0aff93e8b6745c6'))
边栏推荐
- Sentinel源码(三)slot解析
- 使用云GPU+pycharm训练模型实现后台跑程序、自动保存训练结果、服务器自动关机
- Sentinel源码(一)SentinelResourceAspect
- [ROS] The software package of the industrial computer does not compile
- Network pruning (1)
- yolov5 improvement (1) Add attention focus mechanism
- Tornado框架路由系统介绍及(IOloop.current().start())启动源码分析
- AWVS工具介绍[通俗易懂]
- (ROS) (03) CMakeLists. TXT, rounding
- Unit 12 associated serialization
猜你喜欢
动手学ocr(一)
logback源码阅读(二)日志打印,自定义appender,encoder,pattern,converter
ROS通信 —— 话题(Topic)通信](/img/21/d79f2c4e246eb9ea39df9c7435bb36.png)
[ROS](06)ROS通信 —— 话题(Topic)通信
Linux: CentOS 7 install MySQL5.7
Supervision strikes again, what about the market outlook?2021-05-22
![[ROS] The difference between roscd and cd](/img/a8/a1347568170821e8f186091b93e52a.png)
[ROS] The difference between roscd and cd
[ROS]roscd和cd的区别
The bad policy has no long-term impact on the market, and the bull market will continue 2021-05-19
Flask项目的完整创建 七牛云与容联云
YOLOv7使用云GPU训练自己的数据集
随机推荐
drf视图组件
The IDEA of packaged jar package
How to solve 1045 cannot log in to mysql server
Unit 12 associated serialization
浅浅写一下PPOCRLabel的使用及体验
The 2nd China Rust Developers Conference (RustChinaConf 2021~2022) Online Conference Officially Opens Registration
[ROS](06)ROS通信 —— 话题(Topic)通信
动态刷新日志级别
ftp常用命令详解_iftop命令详解
鼠标右键菜单栏太长如何减少
网络剪枝(1)
WeChat Mini Program-Recent Dynamic Scrolling Implementation
paddleocr window10 first experience
Go语言初始
瑞吉外卖笔记——第08讲读写分离
云GPU(恒源云)训练的具体操作流程
Deep learning framework pytorch rapid development and actual combat chapter3
VMM是什么?_兮是什么意思
Flask-RESTful请求响应与SQLAlchemy基础
window10下半自动标注