Secrets | Python module for generating safe random numbers

Python Methods and Functions

The secrets module is used to generate random numbers to manage sensitive cryptographically strong data such as passwords, account authentication, security tokens, and associated secrets. This module is responsible for providing access to the most secure source of randomness. This module is present in Python 3.6 and up.

Random numbers: class secrets. Random system

This class uses the os.urandom () function to generate random numbers from sources provided by the operating system.

  1. secrets.choice (sequence): This function returns a randomly selected item from non-empty sequences to control the baseline security. 
    Example 1 Create a ten-character alphanumeric password.

    import secrets

    import string

     

    alphabet = string.ascii_letters + string.digits

    password = '' .join (secrets.choice (alphabet) for i in range ( 10 ))

     

    print (password)

    Output:

     'tmX47l1uo4' 

    Example 2. Create a ten-character alphanumeric password, with at least one lowercase character, at least one uppercase character and at least three digits.

    import secrets

    import string

     

    alphabet = string.ascii_letters + string.digits

    while True :

      password = '' .join (secrets. choice (alphabet) for i in range ( 10 ))

    if ( any (c.islower () for c in password) and any (c.isupper () 

    for c in password) and < code class = "functions"> sum (c.isdigit () for c in password) & gt; = 3 ):

    print (password)

      break

    Exit:

     Tx8LppU05Q 
  2. secrets.randbelow (n) : This function returns a random integer in the range [0, n).

    import secrets

     

    passwd = secrets.randbelow ( 20 )

    print (passwd)

    Output:

     2 
  3. secretts.randbits (k) : this function returns a integer with k random bits.

    import secrets

     

    passwd = secrets.randbits ( 7 )

    print (passwd)

    Output:

     61 

Г Generating Tokens

This module provides several functions for generating secure tokens for applications such as password reset, hard-to-guess URLs, etc.

  1. secrets.token_bytes ([nbytes = None]): This function is responsible for generating a random byte string containing the number of bytes in nbytes. If no value is specified, a reasonable default is used.

    import secrets

     

    token1 = secrets.token_bytes ()

    token2 = secrets.token_bytes ( 10 )

      

    print (token1)

    print (token2)

    Output:

     b "x86? x85xcfx8ek8udx8ax92x8b & gt; Rxc7x89_xc4xxce'u] x95x0cx05 *? HG8xfb" b'Dxxe8x7fexc05x > 
  2. s ecrets.token_hex ([nbytes = None]): This function is responsible for generating a random hexadecimal text string containing n-byte random bytes. If no value is specified, a reasonable default is used.

    import secrets

     

    token1 = secrets.token_hex ( 16 )

    token2 = secrets.token_hex ( 9 )

     

    print (token1)

    print (token2)

    Output:

     5d894a501c88fbe735c6ff496a6d3e51 78baed9057e597dce4 
  3. secrets.token_urlsafe ([nbytes = None]): This function is responsible for generating a random URL-safe text string containing n-byte random bytes. This is suitable for password recovery applications. 
    Example: Create a hard-to-guess temporary URL containing a security token.

    import secrets

      

    url = ' https: / /mydomain.com/reset= ' + secrets.token_urlsafe ()

    print (url)

    Output:

     https://mydomain.com/reset=GbOiFIvhMoqWsfaTQKbj8ydbo8G1lsMx1ECa6SXjb1s 

    How many bytes should tokens use?
    At least 32 bytes should be used for tokens, to protect yourself from brute-force attacks.

Link: Official Python Documentation
This article is courtesy of Aditi Gupta . If you are as Python.Engineering and would like to contribute, you can also write an article using contribute.python.engineering or by posting the article [email protected] ... See my article appearing on the Python.Engineering homepage and help other geeks.

Please post comments if you find anything wrong or if you would like to share more information on the topic discussed above.





Tutorials