Saving passwords for other services (semi-)securely in a database
I've often found myself wanting to store passwords for other web services (e.g. maillist managers, IMAP accounts, IM accounts etc) for use by a web application, but have not wanted to hard-code them in `settings.py` or store them as plaintext in the database. This uses the [pycrypto][] library to encrypt each bit of information using the concatenation of a salt value and the SECRET_KEY value from your `settings.py`, hopefully leading to a bit more security and flexibility. [pycrypto]:http://www.dlitz.net/software/pycrypto/ You'll probably want to add some views to let people edit these things as I can't find a way to make the admin interface play nicely with it. **Example usage:** In [1]: p = Password( name='IMAP account', slug='imap', username='example', password='password', host='imap.gmail.com' ) In [2]: p.host Out[2]: 'imap.gmail.com' In [3]: p.e_host Out[3]: '6wdyMDKYy8c=$YXw6t/Q9wI[...]' In [4]: p.save()
- password
- crypto