Skip to main content

The Python Standard Library: getpass

| 10.05.2022

getpass: Diving into the Python Standard Library

Python is a versatile language with all sorts of powers and uses. Packages like numpy and scipy get lots of attention for the services they provide to Data Science and scientific research and lots of other fields (and rightly so!). But Python has a lot of builtin capability that often gets forgotten or passed over. The Python Standard library contains a wealth of builtin libraries and packages which provide all kinds of little use-cases and quality of life functions. In this article I want to shine a light on one of the more useful ones. Hopefully you know it already, but if you're coming across it for the first time, read on! This is all about getpass...

Passwords are Tricky

When writing scripts in a big company like Ansys you often find yourself working with servers and services of various kinds. Often you need to login to things to get your scripts to run. Some people hard-code their passwords into the scripts and hopefully I don't have to say why this is a bad idea, but it's a terrible idea. Do not do this thing. Anyone who sees that script will see your password, and it just takes one person to copy that file somewhere else and you've lost control of your password. Or maybe someone accidentally commits the file to a public repo, and now your password is online for all to see. Avoid this like the plague.

OK, so actual solutions can go two to three ways.

  1. Encrypt the password, perhaps into a token
  2. Type your password in on execution
  3. (Use alternative authentication)

Options 1 & 3 are great, but they are somewhat more involved than you might want when scripting or making simpler programs for other people or demonstrations. Option 2, however, doesn't sound great, but it's actually pretty easy to do, and when combined with getpass can be great.

So the base way of reading user input into a Python script is using the input keyword (raw_input in Python 2).

In [1]: x = input()
test

In [2]: x
Out[2]: 'test'

In [3]:

But as you can see, the input when typed appears on-screen, which isn't good enough for passwords. You don't want people to see this stuff, especially if it appears in the output.

Introducing getpass

getpass is a small library with just 2 methods.

  1. getpass.getpass() - get a password input
  2. getpass.getuser() - get the current username

It's pretty simple.

getpass.getpass()

The main method you'll use. This will provide the "Password:" prompt string and then obscure any typing a user performs! This works seamlessly with jupyter notebooks too.

In [1]: import getpass

In [2]: pwd = getpass.getpass()
Password:

In [3]: pwd
Out[3]: 'OoOoOo invisible typing! OoOoOo'

You can alter the prompt in the function call with the prompt keyword argument, and you can change the stream the input uses with the stream keyword argument. For more details check out the docs.

getpass.getuser()

This function simply gets the username of the current user.

In [4]: getpass.getuser()
Out[4]: 'jderrick'

In [5]:

Check out the docs for precise usage.

Conclusion

getpass is a fantastic tool to kow about and is instrumental in building quick and ready applications, or demonstrations. The Python Standard Library provides!