Python 3.6 adds New secrets Module for Robust Account and Password Security

python-ev

Python 3.6, the newest major release of the Python language, has added a new module, called secrets, to help generate cryptographically strong random numbers for managing secrets, like account authentication, tokens and related secrets. Python developers are highly likely to prefer secrets over the default pseudo-random number generator in the random module, since it’s not meant for cryptography or security, but modelling and simulation.

Let’s understand with an example how one can create their own cryptographically strong pseudo-random values and generate tokens using the secrets module.

How to create Cryptographically Strong Pseudo-Random Values using secrets

>>> import secrets
>>> import string
>>> characters = string.ascii_letters + string.digits
>>> secure_password = ”.join(secrets.choice(chNo Records.aracters) for i in range(10))
>>> secure_password
‘SRvM54ZAs1’

The first step is to import the secrets and the string modules. Then we create a string of uppercase letters and integers. Now, in order to choose characters randomly to generate a secure password, we need to use the secrets module’s choice() method. The reason it’s being called a secure password is because there’s been a use of mixed case, numbers and symbols in the password, which is highly advised to people to keep their passwords protected from hack attacks…Read full blog here- Python 3.6 adds New secrets Module for Robust Account and Password Security