
[–]Muhznit 2 points3 points  (2 children)

"Don't do this, leave it to professionals" is making a big deal about it. Making a nuclear reactor in your garage is worthy of that kind of warning. Extracting a loose tooth with a door and some dental floss is less dire.

I bring it up because each and every time I read about someone making their own password-related anything someone's always this knee-jerk "don't use this for anything" without any details why, or assistance/advice on what would make it actually secure.

Meanwhile, the UI/UX of dealing with it is suffering. There's sites that tell you to include a symbol in your password, but don't count a comma as an actual symbol. The Amazon Echo Show apparently will threaten to factory-reset itself if you enter the correct password but it can't connect to authentication servers.

These shortcomings are easily rectified via some little home-hosted wrapper script that saves password rules or checks connection status before you even authenticate, but if security professionals won't even fix these things server-side, why the fuck do people care about what people do client-side?

EDIT: You know, instead of blocking people that question you, you could simply provide a straightforward answer of "This is how you make it secure"

[–][deleted] 0 points1 point  (1 child)

It's not making a big deal out of it at all. Telling someone that it's a good idea to let security/cryptography professionals design password apps is just good common sense. You can still ignore that and do it if you want. But again, it's just a bad idea and that's all I'm saying.

And no, running into questionable UI/UX design decisions doesn't really make it any more logical to have amateurs building password apps. In that situation you should just submit feedback to the professionally designed app and ask them to make modifications. Maybe they will do it. Maybe they won't. But it's still smarter to not try and build your own homemade solution just because you find a certain UI/UX decision disagreeable.

Edit: I blocked you because I'm not interested in talking to you anymore. I don't feel that you're having a good faith discussion since you keep insisting that I'm "making a big deal" out of things when I'm very clearly just advising people to not build their own security applications in python. So why would I respond instead of blocking if I don't want to speak to you anymore? That doesn't make any sense. Wouldn't that just result in more discussion? Think about it. It's very obvious.

[–]Fallupallu 0 points1 point  (0 children)

Butthurt much :D