Message 338212 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	remi.lapeyre
Recipients	dstufft, eric.araujo, jperras, jwilk, ncoghlan, remi.lapeyre
Date	2019-03-18.12:28:59
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1552912139.95.0.560369632665.issue33875@roundup.psfhosted.org>
In-reply-to

Content
I think there might be a need for a new function in the getpass module that fetch it from the operating system secure enclave, like KeyChain on OSX. Currently there is no facility for storing secrets securely, the documentation of secrets says: > Applications should not store passwords in a recoverable format, whether plain text or encrypted. but as far as I know there is no facility to save a secret when you actually need to get it back in plaintext.

I think there might be a need for a new function in the getpass module that fetch it from the operating system secure enclave, like KeyChain on OSX.

Currently there is no facility for storing secrets securely, the documentation of secrets says:

> Applications should not store passwords in a recoverable format, whether plain text or encrypted.

but as far as I know there is no facility to save a secret when you actually need to get it back in plaintext.

History
Date	User	Action	Args
2019-03-18 12:28:59	remi.lapeyre	set	recipients: + remi.lapeyre, ncoghlan, jwilk, eric.araujo, dstufft, jperras
2019-03-18 12:28:59	remi.lapeyre	set	messageid: <1552912139.95.0.560369632665.issue33875@roundup.psfhosted.org>
2019-03-18 12:28:59	remi.lapeyre	link	issue33875 messages
2019-03-18 12:28:59	remi.lapeyre	create