Skip to content Skip to sidebar Skip to footer

Hiding A Password or Text By Using An Encoding With Base64 in Python

 Hi Again,

So a weeks ago i saw something really dumb. To make it short, we have some script of connection that using username & password to connect to certain web. I know it's not a good practice because it doesn't use API key, but in this case it's not supported so we keep using username & password to keep it good. Just like the old days, isn't it?

Base64 Encoding - Source : stackoverflow

But, it's really stupid to me when i saw it. The username & password are written in plain text. I know it's "still safe" because we are using SSL on each other web. But, username and password in a plain text? really? That's totally not a good practice. At least, do some encoding for it so humans or whoever have a bad intention cannot see it easily once he find it out.

Since i am also have "less" knowledge in coding and stuff, i still understand the good practice of several things. Especially about this "crucial bridge of connection", so i manage to try a basic Base64 encoding to hide those sensitive info.

So, all i did in my python terminal was typing : 

>>> import base64 
>>> print(base64.b64encode("password".encode("utf-8"))) 
cGFzc3dvcmQ=

Now, you see that this cGFzc3dvcmQ is actually a "password" but encoded in Base64. To prove it, you can revert it back by typing

>>> print(base64.b64decode("cGFzc3dvcmQ=").decode("utf-8")) 
password

Please be aware that Base64 is an encoding, which means that your passphrase or words you encode can be decoded back. So, if you wish for more security you can use encryption instead.
 
For more info, you can see this on stackoverflow