In this project, I tried to build basic password manager with Fernet Encryption.
Find project on GitHub, by clicking here.
Understanding Fernet Encryption
Fernet is a symmetric encryption algorithm provided by the cryptography
library in Python. It ensures that a message encrypted with it cannot be manipulated or read by unauthorized users. Fernet encryption requires a key, which is used to both encrypt and decrypt the data. This key should be kept secure, as anyone with access to it can decrypt the encrypted data.
Fernet encryption operates in a symmetric key system (I will post a post about symmetric/asymmetric key systems), meaning the same key is used for both encryption and decryption. This simplicity makes it easy to implement while providing strong security for sensitive information.
How the Code Works
Now, let’s dive into a Python script.
Generating and Loading the Master Key
from cryptography.fernet import Fernet
def generate_key():
key = Fernet.generate_key()
key_file = open("key.key","wb")
key_file.write(key)
key_file.close()
return key
def load_key():
key_file = open("key.key","rb")
key = key_file.read()
key_file.close()
return key
These functions handle the generation and loading of the master key required for encryption and decryption.
- The
generate_key()
function generates a new key using Fernet’sgenerate_key()
method and stores it in a file namedkey.key
. - The
load_key()
function loads the key stored in thekey.key
file.
Initializing the Password Manager
print("Welcome to password manager!")
generate_pwd_prompt = input("If this is your first run, we need to generate a master key. Do you want to generate it? (y/n): ").lower() == "y"
main_pwd = ""
if generate_pwd_prompt:
key = generate_key()
if key:
main_pwd = key
else:
print("Error: Unable to generate master key.")
exit()
else:
key = load_key()
if key:
main_pwd = key
else:
print("Error: Unable to load master key.")
exit()
This section initializes the password manager by prompting the user to either generate a new master key or load an existing one.
- The user’s response is stored in
generate_pwd_prompt
. - If the user chooses to generate a new key,
generate_key()
function is called and the key is stored inmain_pwd
. - If the user chooses to load an existing key,
load_key()
function is called to load the key.
Initializing Fernet with the Master Key
fer = Fernet(key)
The Fernet object fer
is initialized with the master key obtained in the previous step. This object is used for encryption and decryption operations.
Adding and Viewing Passwords
def add():
vault_file = open("vault.txt","a")
account_site = input("Enter site name (Facebook, Google): ")
account_name = input("Enter account name (Username/E-mail): ")
account_password = input("Enter password: ")
vault_file.write(account_site + "|" + fer.encrypt(account_name.encode()).decode() + "|" + fer.encrypt(account_password.encode()).decode())
vault_file.close()
print("Password added!" + "\n")
def view():
vault_file = open("vault.txt","r")
for line in vault_file.readlines():
data = line.rstrip()
site_name, user, passw = data.split("|")
print("Site name: ", site_name, "| Username: ", fer.decrypt(user.encode()).decode(), "| Password: ", fer.decrypt(passw.encode()).decode())
print("")
These functions allow users to add and view passwords.
- The
add()
function prompts the user to enter details for a new password (site name, account name, and password). The provided information is encrypted using Fernet encryption and stored in thevault.txt
file. - The
view()
function reads the contents of thevault.txt
file, decrypts the stored passwords using the Fernet objectfer
, and prints the decrypted information (site name, username, and password).
Main Loop for Password Manager Operations
while True:
print("This is your main password vault (Find it on key.key file) (DO NOT LOSE IT!!!): " + main_pwd.decode())
operation = input("Select the operation (add, view): ").lower()
if operation == "add":
add()
elif operation == "view":
view()
else:
print("Wrong operation name")
This loop continuously prompts the user to select an operation (add or view) for the password manager. Based on the user’s input, it calls the corresponding function (add()
or view()
). If an invalid operation is entered, an error message is displayed.
This Python script provides a basic implementation of a password manager using Fernet encryption, allowing users to securely store and retrieve passwords for different accounts.
Note
This project serves as an educational resource to understand basic password management techniques using encryption in Python. It is not intended for use in production environments and should not be used to manage sensitive data.