web forms encryption

Hey can anyone explain to me how to encrypt the info sent in forms, such as a create username one and how to decrypt it.

p.s. I did see the encrytion thread below this one

Hi,

For this type of encryption you'd probably find the built-in rotor module interesting - which is allot like the crypt function in PHP (, *nix?) etc. there's also the crypt module but it's only available on *nix

http://www.python.org/doc/current/lib/module-rotor.html
http://www.python.org/doc/current/lib/module-crypt.html

however since this was depreciated in Python 2.3.. your best bet is probably the python cryptography toolkit (pycrypto). I did a quick search on google for 'Python crypty()', this looks pretty interesting!

http://www.sabren.net/code/python/crypt/

As for encrpyting form data you need to get access to the data in the form (generally using cgi.FieldStorage()) and then encrypt that data, you can then do whatever you want to it i.e. store it in a db

http://www.devshed.com/Server_Side/.../CGI/page1.html
http://www.devshed.com/Server_Side/...ySQL/page1.html

Could you explain what you mean by create username? that one has me at a loss

Mark.

Also, if you want to have the data being sent between the user and the web site encrypted, you'll need to look into using SSL. That's to do with your web server, so contact your host about it.

oops sorry for confusing you. I need to create a create username name thingy for the message board im making, and this was probably a bad place to post this since it has to do with the html and encryption from the user to the server.

So you want to randomly generate a username and password instread of letting the user pick there own? If so, it's not hard to do , especially with Python 2.3! All you have to do is call random.sample() on a string (possiably from a file), you dol need to check if the username exists first though.. can't really help with the server thing though obviously . How is your board coming anyway?

Mark.

no

they need to enter there own but i need to encrypt its transfer from the page to the server

Telex is right, it sounds like you want SSL to me .. in any case i think this is more of a server thing than a Python question.

I don't see how it's too much of a problem though Ark.. as far as i'm aware this forum just sends data from the browser to the webserver (no encryption). So not something i'd really worry about too much ayway!

Mark.

As netyan says, SSL isn't necessary, though if you can make it work and you really want your data to be secure when being transmitted, it's probably a good thing to use. Look through the documentation for your web server, contact your host, and work out SSL.

Otherwise, simply encrypting passwords with the MD5 algorithm is going to make the passwords very secure, and applying some simple obsfucation with regular expressions or using crypt will deter the less determined crackers.