This content originally appeared on DEV Community and was authored by Bilal
Let's say that you've written up some automation scripts to save yourself some time. Such scripts can often be used to make your work life easier, but they usually also include your credentials. In a different scenario, you might just be using credentials to test something.
It can be very handy to quickly be able to substitute your real credentials into some gibberish text like base64 which your code can then convert back. This way, when someone takes a glance 👀 at your code, they will not be intrigued by the sight of your bare credentials laying in the open.
Detour for beginners - What is base64?
base64 is a character encoding similar to ASCII or UTF-8, except that base64 contains a set of 64 common (printable) text characters. It was created to make binary data "safer" to transmit via email so that it remains unaffected. You can take a look at how ASCII text and binary digits can be converted to and from base64 text here and here.
For us, this is useful because we can input our real credentials as UTF-8 text and in the output, each character will end up likely as a different character - hence the gibberish. You can experiment with this by following the steps below.
Prerequisites
- Python
You can perform these steps in an interactive python terminal, or a regular python file.
1. Import base64
import base64
2. Encode your real credentials
encoded_text = base64.b64encode("YOUR_PASSWORD".encode()).decode()
Explanation:
- In
"YOUR_PASSWORD".encode()
, str.encode is used to convert the UTF-8 text "YOUR_PASSWORD" to the corresponding UTF-8 bytes (binary). - Next, the output bytes from
str.encode()
are input to base64.b64encode(), which converts the UTF-8 bytes to base64 bytes. - Lastly, we convert the base64 bytes to UTF-8 text by calling
decode()
on the return value ofbase64.b64encode()
Visually, this is how it looks:
3. Use your base64 encoded credentials in your automation script/code
my_pass = base64.b64decode("WU9VUl9QQVNTV09SRA==".encode()).decode()
Neat! 😁
Bonus: JavaScript one-liner
After encoding your credential in base64 using python, you can also use the encoded text in JavaScript - using the atob() function - like so:
myPass = atob("WU9VUl9QQVNTV09SRA==")
As a final note, if you are writing production code or anything that will be used in the long-run, this is not the best way to store credentials. For the long term, it is better to use a configuration file or a .env file for environment variables. If you'd like an article diving into those subjects, let me know in the comments!
If you have questions about any part or thoughts you want to share, feel free to mention those in the comments below as well :)
Happy coding!
This content originally appeared on DEV Community and was authored by Bilal
Bilal | Sciencx (2022-01-09T00:35:51+00:00) How you can prevent accidentally revealing your passwords while screen-sharing using these simple python one-liners. Retrieved from https://www.scien.cx/2022/01/09/how-you-can-prevent-accidentally-revealing-your-passwords-while-screen-sharing-using-these-simple-python-one-liners/
Please log in to upload a file.
There are no updates yet.
Click the Upload button above to add an update.