Verifying user name / password in website with simple python code

DDE_Server

Level 22
Thread author
Verified
Top Poster
Well-known
Sep 5, 2017
1,173
hi guys :love::love: ,
i am beginner in programming but while learning statement/loops/lists in python i coded simple code to check user name/password against stored one as you could see below:
although it still very very simple but i am feeling happy to accomplish something while (not loop) i am learning:

Python:
User_names_database = ['user_name']
password_database = ['0123456']
"""prompt user to enter his/her username"""
entered_user_name = input("Please enter the user name:")
entered_user_name.title()
entered_password = input("please enter your password:")

"""Check if the entered user name/password existing in the user data base of the website"""
if entered_user_name == 'user_name' and entered_password == '0123456':
    print('login Successful,you will be shortly redirected to your account page')
else:
    print('login fail,please try again\nif you cannot remember you should choose forget password below')
    while True:
        entered_user_name = input("Please enter the user name:")
        entered_user_name.title()
        entered_password = input("please enter your password:")
        if entered_user_name == ' user_name' and entered_password == '0123456':
            print('login Successful,you will be shortly redirected to your account page')

really i know i this is very basic but i am feeling happy
i think this may be linking with back end database of course with some code scalability to be more dynamic
so Guys what is your opinion ?? i am happy to know your feedback
Note:this code is written in python language
 

struppigel

Moderator
Verified
Staff Member
Well-known
Apr 9, 2020
667
My suggestion: Expand the script to check against hashes of the password instead of comparing plain text passwords. This will avoid leaking the password if you read the script (or database or whereever the passwords will be stored)
 

DDE_Server

Level 22
Thread author
Verified
Top Poster
Well-known
Sep 5, 2017
1,173
My suggestion: Expand the script to check against hashes of the password instead of comparing plain text passwords. This will avoid leaking the password if you read the script (or database or whereever the passwords will be stored)
Thanks a lot @struppigel for your feedback
i am still learning i will read the syntax to do this
what about using dictionary data (which may be used in Encryption as it contain key: value pair i will explore this capability ) type may be useful for some thing like that??
 

DDE_Server

Level 22
Thread author
Verified
Top Poster
Well-known
Sep 5, 2017
1,173
you mean such as SQL and make the quires for the records using any database administration such as postgre SQL
 
  • Like
Reactions: Protomartyr

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top