DEV Community

Cover image for Build a Python Password Generator: A Beginner's Guide
Scofield Idehen
Scofield Idehen

Posted on • Originally published at blog.learnhub.africa

Build a Python Password Generator: A Beginner's Guide

Having your password generator hosted and serving only you is an amazing tool and a project to start; in this guide, we will explore how to build a simple password generator and host it using Pythonanywhere.

Table of Contents

  1. Introduction to Password Security
  2. Setting Up Your Python Environment
  3. Building the Password Generator
  4. Understanding the Code
  5. Enhancing the Password Generator
  6. Hosting Your Project on PythonAnywhere
  7. Conclusion ## Introduction to Password Security

In an era where data breaches are increasingly common, having strong, unique passwords for each of your online accounts is more important than ever. A strong password typically includes a mix of uppercase and lowercase letters, numbers, and special characters. It should also be long enough to resist brute-force attacks. However, creating and remembering such passwords can be challenging. This is where a password generator comes in handy.

Setting Up Your Python Environment

Before we dive into coding, ensure you have Python installed on your computer. You can download it from the official Python website. For this project, we'll be using Python 3.12.7

To check your Python version, open your command prompt or terminal and type:

python --version
Enter fullscreen mode Exit fullscreen mode

If you see a version number starting with 3 (e.g., Python 3.8.5), you're ready to begin.

The Complete Password Generator Code

Let's start by looking at the entire code for our password generator. Don't worry if it looks intimidating; we'll break it down line by line in the next section.


import random
import string

def generate_password(length=12):
    characters = string.ascii_letters + string.digits + string.punctuation
    password = ''.join(random.choice(characters) for _ in range(length))
    return password

def main():
    print("Welcome to the Simple Password Generator!")

    try:
        length = int(input("Enter the desired password length: "))
        if length <= 0:
            raise ValueError("Password length must be positive")
    except ValueError as e:
        print(f"Invalid input: {e}")
        print("Using default length of 12 characters.")
        length = 12

    password = generate_password(length)
    print(f"\nYour generated password is: {password}")

if __name__ == "__main__":
    main()


Enter fullscreen mode Exit fullscreen mode

Now, let's break this down and examine each part in detail, but before that, we can look at this amazing article I wrote Build An Advanced Password Cracker With Python (Complete Guide)

Build An Advanced Password Cracker With Python (Complete Guide)

Importing Necessary Modules

import random
import string
Enter fullscreen mode Exit fullscreen mode

These two lines import the modules we need for our password generator:

  • The [random](https://www.w3schools.com/python/module_random.asp) module provides functions for generating random numbers and making random selections. We'll use it to randomly choose characters for our password.

  • The [string](https://docs.python.org/3/library/string.html) module offers constants containing various types of characters (letters, digits, punctuation). This saves us from manually typing out all possible characters we might want in a password.

    The generate_password Function

def generate_password(length=12):
Enter fullscreen mode Exit fullscreen mode

This line defines a function named generate_password. The def keyword in Python is used to define a function. The function takes one parameter, length, with a default value of 12. This means if no length is specified when calling the function, it will generate a password of 12 characters.

characters = string.ascii_letters + string.digits + string.punctuation
Enter fullscreen mode Exit fullscreen mode

This line creates a string named characters that contains all the possible characters we might use in our password. Let's break it down.

  • string.ascii_letters contains all ASCII letters, both lowercase (a-z) and uppercase (A-Z).
  • string.digits contains all decimal digits (0-9).
  • string.punctuation contains all punctuation characters.

By adding these together with the + operator, we create a single string containing all these characters.

    password = ''.join(random.choice(characters) for _ in range(length))
Enter fullscreen mode Exit fullscreen mode

This line is where the actual password generation happens. It's a bit complex, so let's break it down further.

  • random.choice(characters) randomly selects one character from our characters string.
  • for _ in range(length) creates a loop that runs length number of times. The underscore _ is used as a throwaway variable name, as we don't need to use the loop variable.
  • This loop is part of a generator expression that creates an iterator of randomly chosen characters.
  • ''.join(...) takes this iterator and joins all the characters together into a single string, with an empty string '' between each character.

The result is stored in the password variable.

    return password
Enter fullscreen mode Exit fullscreen mode

This line returns the generated password from the function.

The main Function

def main():
Enter fullscreen mode Exit fullscreen mode

This line defines our main function, which will handle user interaction and call our generate_password function.

    print("Welcome to the Simple Password Generator!")
Enter fullscreen mode Exit fullscreen mode

This line prints a welcome message for the user.

        try:
            length = int(input("Enter the desired password length: "))
            if length <= 0:
                raise ValueError("Password length must be positive")
Enter fullscreen mode Exit fullscreen mode

These lines are part of a try block, which allows us to handle potential errors:

  • We prompt the user to enter a desired password length and attempt to convert their input to an integer using int().
  • If the user enters a value less than or equal to 0, we manually raise a ValueError with a custom message.
        except ValueError as e:
            print(f"Invalid input: {e}")
            print("Using default length of 12 characters.")
            length = 12
Enter fullscreen mode Exit fullscreen mode

This except block catches any ValueError that might occur, either from int() if the user enters a non-numeric value, or from our manually raised error if they enter a non-positive number.

  • We print an error message, including the specific error (e).
  • We inform the user that we'll use the default length of 12 characters.
  • We set length to 12.
        password = generate_password(length)
        print(f"\nYour generated password is: {password}")
Enter fullscreen mode Exit fullscreen mode

These lines call our generate_password function with the specified (or default) length, and then print the resulting password.

Running the Script

    if __name__ == "__main__":
        main()
Enter fullscreen mode Exit fullscreen mode

This block is a common Python idiom. It checks if the script is being run directly (as opposed to being imported as a module). If it is, it calls the main() function.

Lets explore __**name__** = "__main__"

Understanding if __name__ == "__main__" in Python

The line if __name__ == "__main__": might look strange if you're new to Python, but it's a very useful and common pattern. Let's break it down step by step:

Cheeks?

This line checks whether the Python script is being run directly by the user or if it's being imported as a module into another script. Based on this, it decides whether to run certain parts of the code or not.

What are __name__ and "__main__"?

  1. __name__ is a special variable in Python. Python sets this variable automatically for each script that runs.
  2. When you run a Python file directly (like when you type python your_script.py in the command line), Python sets __name__ to the string "__main__" for that script.
  3. However, if your script is imported as a module into another script, __name__ is set to the name of the script/module. ## An analogy to understand this better

Imagine you have a Swiss Army knife. This knife has many tools, like a blade, scissors, and a screwdriver.

  • When you use the knife directly, you use it as the "main" tool. This is like running your Python script directly.
  • But sometimes, you might just want to use one specific tool from the knife as part of a bigger task. This is like importing your script as a module into another script.

The if __name__ == "__main__": check is like the knife asking, "Am I being used as the main tool right now, or am I just lending one of my tools to another task?"

Why is this useful?

This check allows you to write code that can be both run on its own and imported by other scripts without running unintended code. Here's a practical example.


    def greet(name):
        return f"Hello, {name}!"

    def main():
        name = input("Enter your name: ")
        print(greet(name))

    if __name__ == "__main__":
        main()
Enter fullscreen mode Exit fullscreen mode

In this script:

  • If you run it directly, it will ask for your name and greet you.
  • If you import it into another script, you can use the greet function without the script automatically asking for input. ## How it works in our password generator

In our password generator script.

    if __name__ == "__main__":
        main()
Enter fullscreen mode Exit fullscreen mode

This means:

  • If you run the password generator script directly, it will call the main() function and start generating passwords.
  • If you import the script into another Python file, it won't automatically start the password generation process. This allows you to use the generate_password() function in other scripts without running the interactive part.

Our password generator works, and in the next part of this article, we will modify the password generator to do a lot more, which includes.

Custom Character Sets: Allow users to specify which types of characters they want in their password (e.g., only letters and numbers, no special characters).

Password Strength Checker: Implement a function to evaluate the strength of the generated password and provide feedback to the user.

Multiple Passwords: Give users the option to generate multiple passwords at once.

GUI Interface: Create a graphical user interface using a library like Tkinter to make the program more user-friendly.

Password Storage: Implement a secure way to store generated passwords, possibly with encryption.

Resource

Top comments (6)

Collapse
 
ldrscke profile image
Christian Ledermann

Please don't recommend the random module for a password generator.

This is straight from the python documentation:

The secrets module is used for generating cryptographically strong random numbers suitable for managing data such as passwords, account authentication, security tokens, and related secrets.

In particular, secrets should be used in preference to the default pseudo-random number generator in the random module, which is designed for modelling and simulation, not security or cryptography.

Collapse
 
ezekiel_77 profile image
Ezekiel

I think this is mostly because of the fact that random values are random but the way it generates random numbers is not random

You can check out
roadmap.sh/guides/random-numbers

Collapse
 
scofieldidehen profile image
Scofield Idehen

I did not really thought of this, thanks for the article, It explored it better.

I would write a follow up on it.

Collapse
 
scofieldidehen profile image
Scofield Idehen

Oh, thanks. Why this article is just for the educational use cases? I will put a caveat for users who want to go further to take this advice into consideration.

Thanks a lot.

Collapse
 
guissguiss profile image
Guillaume Ste-Marie

Enhancing Python's Random Library with Unix Time Seeding

When working with Python's random library, you need to ensure a high degree of randomness, especially for applications requiring strong unpredictability. One effective method to achieve this is by using Unix time as a seed. Here's how you can implement this technique:

Step 1: Import Required Libraries

First, import the necessary libraries:

import random
import time
Enter fullscreen mode Exit fullscreen mode

Step 2: Set the Seed Using Unix Time

Use the current Unix timestamp as the seed for the random number generator:

current_time = int(time.time())
random.seed(current_time)
Enter fullscreen mode Exit fullscreen mode

Step 3: Generate Random Numbers

Now you can use any of the random library's functions to generate random numbers:

random_number = random.randint(1, 100)
print(f"Random number: {random_number}")
Enter fullscreen mode Exit fullscreen mode

Why This Works

  • Unix time provides a constantly changing value, ensuring a different seed each time your program runs.
  • This method increases entropy and reduces the predictability of the random number sequence.

Considerations

  • While this method significantly improves randomness, it's not suitable for cryptographic purposes.
  • For cryptographically secure random numbers, use Python's secrets module instead.

By implementing this technique, you can enhance the randomness of Python's built-in random number generator for most general-purpose applications.


Enter fullscreen mode Exit fullscreen mode
Collapse
 
scofieldidehen profile image
Scofield Idehen

This is interesting, I am currently rewriting the article using secret but I find using seed to change the entropy quite ingenious.

Thanks for your comment.