I'm trying to make a username and password program in Python, and although it isn't necessary to the final program, I thought it would be nice to make it display a different character when they input their text. Like most password fields, which may display something like an asterisk (*). So I was wondering how I might go about displaying their input as a different character. Thank you for any help :)
我正在尝试用Python创建一个用户名和密码程序,虽然最终程序没有必要,但我认为在输入文本时让它显示不同的字符会很好。像大多数密码字段一样,可能会显示类似星号(*)的字样。所以我想知道如何将他们的输入显示为一个不同的角色。感谢您的任何帮助 :)
1 个解决方案
#1
2
Using the getch recipe from the question " Python read a single character from the user "
使用问题“Python从用户读取单个字符”中的getch配方
def getpass(prompt):
sys.stdout.write(prompt)
sys.stdout.flush()
password = ''
while True:
c = getch()
if c == '\r':
sys.stdout.write('\n')
sys.stdout.flush()
return password
password += c
sys.stdout.write('*')
sys.stdout.flush()
Proof:
>>> getpass('secret: ')
secret: ********
'asdfsafd'
Echoing * for each character typed may fell cool from the UI perspective but will compromise security a bit because it gives up the length of the password. I guess that is why the builtin getpass module will not echo anything.
对于每个键入的字符,回音*可能会从UI的角度来看很酷,但会稍微损害安全性,因为它会放弃密码的长度。我想这就是为什么内置的getpass模块不会回应任何东西。
[update]
According to Andrea Corbellini, this implementation will leak keystrokes if the system is under heavy load, because it is resetting the tty before returning - characters may be echoed after getch() has returned and before getch() is called again. Looks like this is very hard to accomplish in a safe way, so probably this is the reason why the builtin getpass is not providing a visual feedback for each keystroke.
据安德烈Corbellini,这个实现将泄漏的击键如果系统负载过重,因为它是在返回前重置TTY - 字符可能残培后呼应()返回和残培()之前再次调用。看起来这很难以安全的方式完成,所以可能这就是为什么内置getpass没有为每次击键提供视觉反馈的原因。
#1
2
Using the getch recipe from the question " Python read a single character from the user "
使用问题“Python从用户读取单个字符”中的getch配方
def getpass(prompt):
sys.stdout.write(prompt)
sys.stdout.flush()
password = ''
while True:
c = getch()
if c == '\r':
sys.stdout.write('\n')
sys.stdout.flush()
return password
password += c
sys.stdout.write('*')
sys.stdout.flush()
Proof:
>>> getpass('secret: ')
secret: ********
'asdfsafd'
Echoing * for each character typed may fell cool from the UI perspective but will compromise security a bit because it gives up the length of the password. I guess that is why the builtin getpass module will not echo anything.
对于每个键入的字符,回音*可能会从UI的角度来看很酷,但会稍微损害安全性,因为它会放弃密码的长度。我想这就是为什么内置的getpass模块不会回应任何东西。
[update]
According to Andrea Corbellini, this implementation will leak keystrokes if the system is under heavy load, because it is resetting the tty before returning - characters may be echoed after getch() has returned and before getch() is called again. Looks like this is very hard to accomplish in a safe way, so probably this is the reason why the builtin getpass is not providing a visual feedback for each keystroke.
据安德烈Corbellini,这个实现将泄漏的击键如果系统负载过重,因为它是在返回前重置TTY - 字符可能残培后呼应()返回和残培()之前再次调用。看起来这很难以安全的方式完成,所以可能这就是为什么内置getpass没有为每次击键提供视觉反馈的原因。