Securely enter password in textbox using python selenium

Question

Question:

Is there a way to securely send/enter your password into a textbox using python selenium? Encryption, Basic Authentication headers, etc.?

Example (insecure):

driver = webdriver.Chrome()
Pass = WebDriverWait(driver, timeout_time).until(
    lambda driver : driver.find_element_by_id('Pass'))
Pass.send_keys(password)

Description:

The problem with this, is that the password is written to stdout,stderr in plain text. Anyone getting hold of your log files, can authenticate your accounts. I could possibly send stdout,stderr to /dev/null, but there must be a better way?

Also, if password is written to file, then someone could possibly intercept your request and obtain your details quite easily as well?

Answer 1

I don't think there is such a way. Selenium's purpose is to automate testing. If you need to give a password via a send_keys method, your password will be readable at some point. From a python's perspective, you could use a 64 bits encoding :

>>> import base64
>>> print base64.b64encode("password")
cGFzc3dvcmQ=
>>>  print base64.b64decode("cGFzc3dvcmQ=")
password

With this solution, your password is not directly written in your code but can be easily decoding. This technique is not secure because 64 bits encoding is easily recognizable (i.e. '=' character).

An other idea is to write your password in a separate python file and compile it. You will get a "toto.pyc" file and as it's only compiled bytecode, it can't be readable by humans. In your real script, you juste have to import this module and you will access the password variable you just put.

As said first, it will not be completely secure because the password could be readable at some point.