2 player dice game with login system
This is a two player dice game where two players each roll two dice. If a player's dice sum is even, they gain 10 points. If the dice total is odd, they lose 5 points.
import random
import time
import sys
print("*****************Welcome To The DICE Game*******************")
abc=input("please type in 'n' if your are a new user type 'e' if you are a existing user: ")
while abc not in ('e','n'):
abc=input("please type in 'n' if your are a new user type 'e' if you are a existing user: ")
if abc =="n":
print("make an account")
username=input("type in a username: ")
password1=input("type in a pasword: ")
password2=input("renter the password: ")
if password1==password2:
print("your password is",password1)
f = open ("username + password.txt","a+")
f.write(f"{username}:{password2}n")
f.close()
abc=input("please type in 'n' if your are a new user type 'e' if you are a existing user: ")
else:
print("the password you entered is not matching restart the program to start again")
sys.exit()
if abc == "e":
check = True
while check:
print("player 1 enter your details")
username1=input("Username = ")
password=input("Password = ")
with open("username + password.txt","r") as username_finder:
for line in username_finder:
if(username1 + ":" + password) == line.strip():
print("you are logged in")
print("player 2 enter your details")
while check:
print("incoreect password or username please try again")
username2=input("Username = ")
password=input("Password = ")
with open("username + password.txt","r") as username_finder:
for line in username_finder:
if(username2 + ":" + password) == line.strip():
check = False
print("you are logged on")
#game
player1=0
player2=0
print("*****************Welcome To The DICE Game*******************")
print("PLAYER 1 READY")
time.sleep(1)
print("PLAYER 2 READY")
totalscore1=0
totalscore2=0
#player 1
dice1 = random.randint(1,6)
dice2 = random.randint(1,6)
roundno = 1
while roundno < 5:
totalscore1=totalscore1+player1
totalscore2=totalscore2+player2
player1=dice1+dice2
roundno=roundno+1
print("round",roundno)
time.sleep(1)
print("-----------------------------------------------------")
asdf = input("player 1, press enter to roll")
print("player 1 is rolling")
print("player 1's first roll is",dice1)
time.sleep(1)
print("player 1's second roll is",dice2)
time.sleep(1)
print("-----------------------------------------------------")
if player1 %2==0:
print("This is an even number. so +10 points")
time.sleep(1)
player1=player1+10
time.sleep(1)
print("score is",player1)
if player1<= 0:
print("you have lost the game")
sys.exit()
print("-----------------------------------------------------")
else:
print("This is an odd number.")
time.sleep(2)
player1=player1-5
print("score is",player1)
time.sleep(3)
print("player 1 score",player1)
print("-----------------------------------------------------")
time.sleep(1)
#player 2
dice1 = random.randint(1,6)
dice2 = random.randint(1,6)
totalscore1=totalscore1+player1
totalscore2=totalscore2+player2
player2=dice1+dice2
print("-----------------------------------------------------")
asdf = input("player 2 press enter to roll")
print("player 2 is rolling")
time.sleep(1)
print("player 2's first roll is",dice1)
time.sleep(1)
asdf = input("player 2 press enter to roll again")
time.sleep(1)
print("player 2's second roll is",dice2)
time.sleep(1)
print("-----------------------------------------------------")
if player2 %2==0:
print("This is an even number. so +10 points")
time.sleep(1)
player2=player2+10
print("score is",player2)
time.sleep(1)
if player2<= 0:
print("you have lost the game")
sys.exit()
print("-----------------------------------------------------")
else:
print("This is an odd number.")
time.sleep(1)
player2=player2-5
print("score is",player2)
time.sleep(3)
print("player 2 score",player2)
print("-----------------------------------------------------")
print("the total score for player 1 is ",totalscore1)
print("the total score for player 2 is ",totalscore2)
if totalscore1 > totalscore2:
print("player 1 wins")
file = open("scores.txt2","a+")
file.write("player 1 ")
file.write(username1)
file.write(" has won overall with ")
file.write(str(totalscore1))
file.write(" points")
file.write("n")
if totalscore2 > totalscore1:
print("player 2 wins")
file = open("scores.txt2","a+")
file.write("player 2 ")
file.write(username2)
file.write(" has won overall with ")
file.write(str(totalscore2))
file.write(" points")
file.write("n")
else:
print("incorrect username or password")
else:
print("incorrect username or password")
python python-3.x game dice
New contributor
add a comment |
This is a two player dice game where two players each roll two dice. If a player's dice sum is even, they gain 10 points. If the dice total is odd, they lose 5 points.
import random
import time
import sys
print("*****************Welcome To The DICE Game*******************")
abc=input("please type in 'n' if your are a new user type 'e' if you are a existing user: ")
while abc not in ('e','n'):
abc=input("please type in 'n' if your are a new user type 'e' if you are a existing user: ")
if abc =="n":
print("make an account")
username=input("type in a username: ")
password1=input("type in a pasword: ")
password2=input("renter the password: ")
if password1==password2:
print("your password is",password1)
f = open ("username + password.txt","a+")
f.write(f"{username}:{password2}n")
f.close()
abc=input("please type in 'n' if your are a new user type 'e' if you are a existing user: ")
else:
print("the password you entered is not matching restart the program to start again")
sys.exit()
if abc == "e":
check = True
while check:
print("player 1 enter your details")
username1=input("Username = ")
password=input("Password = ")
with open("username + password.txt","r") as username_finder:
for line in username_finder:
if(username1 + ":" + password) == line.strip():
print("you are logged in")
print("player 2 enter your details")
while check:
print("incoreect password or username please try again")
username2=input("Username = ")
password=input("Password = ")
with open("username + password.txt","r") as username_finder:
for line in username_finder:
if(username2 + ":" + password) == line.strip():
check = False
print("you are logged on")
#game
player1=0
player2=0
print("*****************Welcome To The DICE Game*******************")
print("PLAYER 1 READY")
time.sleep(1)
print("PLAYER 2 READY")
totalscore1=0
totalscore2=0
#player 1
dice1 = random.randint(1,6)
dice2 = random.randint(1,6)
roundno = 1
while roundno < 5:
totalscore1=totalscore1+player1
totalscore2=totalscore2+player2
player1=dice1+dice2
roundno=roundno+1
print("round",roundno)
time.sleep(1)
print("-----------------------------------------------------")
asdf = input("player 1, press enter to roll")
print("player 1 is rolling")
print("player 1's first roll is",dice1)
time.sleep(1)
print("player 1's second roll is",dice2)
time.sleep(1)
print("-----------------------------------------------------")
if player1 %2==0:
print("This is an even number. so +10 points")
time.sleep(1)
player1=player1+10
time.sleep(1)
print("score is",player1)
if player1<= 0:
print("you have lost the game")
sys.exit()
print("-----------------------------------------------------")
else:
print("This is an odd number.")
time.sleep(2)
player1=player1-5
print("score is",player1)
time.sleep(3)
print("player 1 score",player1)
print("-----------------------------------------------------")
time.sleep(1)
#player 2
dice1 = random.randint(1,6)
dice2 = random.randint(1,6)
totalscore1=totalscore1+player1
totalscore2=totalscore2+player2
player2=dice1+dice2
print("-----------------------------------------------------")
asdf = input("player 2 press enter to roll")
print("player 2 is rolling")
time.sleep(1)
print("player 2's first roll is",dice1)
time.sleep(1)
asdf = input("player 2 press enter to roll again")
time.sleep(1)
print("player 2's second roll is",dice2)
time.sleep(1)
print("-----------------------------------------------------")
if player2 %2==0:
print("This is an even number. so +10 points")
time.sleep(1)
player2=player2+10
print("score is",player2)
time.sleep(1)
if player2<= 0:
print("you have lost the game")
sys.exit()
print("-----------------------------------------------------")
else:
print("This is an odd number.")
time.sleep(1)
player2=player2-5
print("score is",player2)
time.sleep(3)
print("player 2 score",player2)
print("-----------------------------------------------------")
print("the total score for player 1 is ",totalscore1)
print("the total score for player 2 is ",totalscore2)
if totalscore1 > totalscore2:
print("player 1 wins")
file = open("scores.txt2","a+")
file.write("player 1 ")
file.write(username1)
file.write(" has won overall with ")
file.write(str(totalscore1))
file.write(" points")
file.write("n")
if totalscore2 > totalscore1:
print("player 2 wins")
file = open("scores.txt2","a+")
file.write("player 2 ")
file.write(username2)
file.write(" has won overall with ")
file.write(str(totalscore2))
file.write(" points")
file.write("n")
else:
print("incorrect username or password")
else:
print("incorrect username or password")
python python-3.x game dice
New contributor
2
Is this at all related to codereview.stackexchange.com/q/210517/46840?
– Carcigenicate
2 days ago
no thats my friend we go to the same school
– blob786
2 days ago
2
Ahh. I knew it looked familiar. And some of the tips mentioned in the other post apply here as well. It's worth reviewing.
– Carcigenicate
2 days ago
I know my friend told me to look at his posts as well
– blob786
2 days ago
add a comment |
This is a two player dice game where two players each roll two dice. If a player's dice sum is even, they gain 10 points. If the dice total is odd, they lose 5 points.
import random
import time
import sys
print("*****************Welcome To The DICE Game*******************")
abc=input("please type in 'n' if your are a new user type 'e' if you are a existing user: ")
while abc not in ('e','n'):
abc=input("please type in 'n' if your are a new user type 'e' if you are a existing user: ")
if abc =="n":
print("make an account")
username=input("type in a username: ")
password1=input("type in a pasword: ")
password2=input("renter the password: ")
if password1==password2:
print("your password is",password1)
f = open ("username + password.txt","a+")
f.write(f"{username}:{password2}n")
f.close()
abc=input("please type in 'n' if your are a new user type 'e' if you are a existing user: ")
else:
print("the password you entered is not matching restart the program to start again")
sys.exit()
if abc == "e":
check = True
while check:
print("player 1 enter your details")
username1=input("Username = ")
password=input("Password = ")
with open("username + password.txt","r") as username_finder:
for line in username_finder:
if(username1 + ":" + password) == line.strip():
print("you are logged in")
print("player 2 enter your details")
while check:
print("incoreect password or username please try again")
username2=input("Username = ")
password=input("Password = ")
with open("username + password.txt","r") as username_finder:
for line in username_finder:
if(username2 + ":" + password) == line.strip():
check = False
print("you are logged on")
#game
player1=0
player2=0
print("*****************Welcome To The DICE Game*******************")
print("PLAYER 1 READY")
time.sleep(1)
print("PLAYER 2 READY")
totalscore1=0
totalscore2=0
#player 1
dice1 = random.randint(1,6)
dice2 = random.randint(1,6)
roundno = 1
while roundno < 5:
totalscore1=totalscore1+player1
totalscore2=totalscore2+player2
player1=dice1+dice2
roundno=roundno+1
print("round",roundno)
time.sleep(1)
print("-----------------------------------------------------")
asdf = input("player 1, press enter to roll")
print("player 1 is rolling")
print("player 1's first roll is",dice1)
time.sleep(1)
print("player 1's second roll is",dice2)
time.sleep(1)
print("-----------------------------------------------------")
if player1 %2==0:
print("This is an even number. so +10 points")
time.sleep(1)
player1=player1+10
time.sleep(1)
print("score is",player1)
if player1<= 0:
print("you have lost the game")
sys.exit()
print("-----------------------------------------------------")
else:
print("This is an odd number.")
time.sleep(2)
player1=player1-5
print("score is",player1)
time.sleep(3)
print("player 1 score",player1)
print("-----------------------------------------------------")
time.sleep(1)
#player 2
dice1 = random.randint(1,6)
dice2 = random.randint(1,6)
totalscore1=totalscore1+player1
totalscore2=totalscore2+player2
player2=dice1+dice2
print("-----------------------------------------------------")
asdf = input("player 2 press enter to roll")
print("player 2 is rolling")
time.sleep(1)
print("player 2's first roll is",dice1)
time.sleep(1)
asdf = input("player 2 press enter to roll again")
time.sleep(1)
print("player 2's second roll is",dice2)
time.sleep(1)
print("-----------------------------------------------------")
if player2 %2==0:
print("This is an even number. so +10 points")
time.sleep(1)
player2=player2+10
print("score is",player2)
time.sleep(1)
if player2<= 0:
print("you have lost the game")
sys.exit()
print("-----------------------------------------------------")
else:
print("This is an odd number.")
time.sleep(1)
player2=player2-5
print("score is",player2)
time.sleep(3)
print("player 2 score",player2)
print("-----------------------------------------------------")
print("the total score for player 1 is ",totalscore1)
print("the total score for player 2 is ",totalscore2)
if totalscore1 > totalscore2:
print("player 1 wins")
file = open("scores.txt2","a+")
file.write("player 1 ")
file.write(username1)
file.write(" has won overall with ")
file.write(str(totalscore1))
file.write(" points")
file.write("n")
if totalscore2 > totalscore1:
print("player 2 wins")
file = open("scores.txt2","a+")
file.write("player 2 ")
file.write(username2)
file.write(" has won overall with ")
file.write(str(totalscore2))
file.write(" points")
file.write("n")
else:
print("incorrect username or password")
else:
print("incorrect username or password")
python python-3.x game dice
New contributor
This is a two player dice game where two players each roll two dice. If a player's dice sum is even, they gain 10 points. If the dice total is odd, they lose 5 points.
import random
import time
import sys
print("*****************Welcome To The DICE Game*******************")
abc=input("please type in 'n' if your are a new user type 'e' if you are a existing user: ")
while abc not in ('e','n'):
abc=input("please type in 'n' if your are a new user type 'e' if you are a existing user: ")
if abc =="n":
print("make an account")
username=input("type in a username: ")
password1=input("type in a pasword: ")
password2=input("renter the password: ")
if password1==password2:
print("your password is",password1)
f = open ("username + password.txt","a+")
f.write(f"{username}:{password2}n")
f.close()
abc=input("please type in 'n' if your are a new user type 'e' if you are a existing user: ")
else:
print("the password you entered is not matching restart the program to start again")
sys.exit()
if abc == "e":
check = True
while check:
print("player 1 enter your details")
username1=input("Username = ")
password=input("Password = ")
with open("username + password.txt","r") as username_finder:
for line in username_finder:
if(username1 + ":" + password) == line.strip():
print("you are logged in")
print("player 2 enter your details")
while check:
print("incoreect password or username please try again")
username2=input("Username = ")
password=input("Password = ")
with open("username + password.txt","r") as username_finder:
for line in username_finder:
if(username2 + ":" + password) == line.strip():
check = False
print("you are logged on")
#game
player1=0
player2=0
print("*****************Welcome To The DICE Game*******************")
print("PLAYER 1 READY")
time.sleep(1)
print("PLAYER 2 READY")
totalscore1=0
totalscore2=0
#player 1
dice1 = random.randint(1,6)
dice2 = random.randint(1,6)
roundno = 1
while roundno < 5:
totalscore1=totalscore1+player1
totalscore2=totalscore2+player2
player1=dice1+dice2
roundno=roundno+1
print("round",roundno)
time.sleep(1)
print("-----------------------------------------------------")
asdf = input("player 1, press enter to roll")
print("player 1 is rolling")
print("player 1's first roll is",dice1)
time.sleep(1)
print("player 1's second roll is",dice2)
time.sleep(1)
print("-----------------------------------------------------")
if player1 %2==0:
print("This is an even number. so +10 points")
time.sleep(1)
player1=player1+10
time.sleep(1)
print("score is",player1)
if player1<= 0:
print("you have lost the game")
sys.exit()
print("-----------------------------------------------------")
else:
print("This is an odd number.")
time.sleep(2)
player1=player1-5
print("score is",player1)
time.sleep(3)
print("player 1 score",player1)
print("-----------------------------------------------------")
time.sleep(1)
#player 2
dice1 = random.randint(1,6)
dice2 = random.randint(1,6)
totalscore1=totalscore1+player1
totalscore2=totalscore2+player2
player2=dice1+dice2
print("-----------------------------------------------------")
asdf = input("player 2 press enter to roll")
print("player 2 is rolling")
time.sleep(1)
print("player 2's first roll is",dice1)
time.sleep(1)
asdf = input("player 2 press enter to roll again")
time.sleep(1)
print("player 2's second roll is",dice2)
time.sleep(1)
print("-----------------------------------------------------")
if player2 %2==0:
print("This is an even number. so +10 points")
time.sleep(1)
player2=player2+10
print("score is",player2)
time.sleep(1)
if player2<= 0:
print("you have lost the game")
sys.exit()
print("-----------------------------------------------------")
else:
print("This is an odd number.")
time.sleep(1)
player2=player2-5
print("score is",player2)
time.sleep(3)
print("player 2 score",player2)
print("-----------------------------------------------------")
print("the total score for player 1 is ",totalscore1)
print("the total score for player 2 is ",totalscore2)
if totalscore1 > totalscore2:
print("player 1 wins")
file = open("scores.txt2","a+")
file.write("player 1 ")
file.write(username1)
file.write(" has won overall with ")
file.write(str(totalscore1))
file.write(" points")
file.write("n")
if totalscore2 > totalscore1:
print("player 2 wins")
file = open("scores.txt2","a+")
file.write("player 2 ")
file.write(username2)
file.write(" has won overall with ")
file.write(str(totalscore2))
file.write(" points")
file.write("n")
else:
print("incorrect username or password")
else:
print("incorrect username or password")
python python-3.x game dice
python python-3.x game dice
New contributor
New contributor
edited 2 days ago
Graham
1,126115
1,126115
New contributor
asked 2 days ago
blob786blob786
384
384
New contributor
New contributor
2
Is this at all related to codereview.stackexchange.com/q/210517/46840?
– Carcigenicate
2 days ago
no thats my friend we go to the same school
– blob786
2 days ago
2
Ahh. I knew it looked familiar. And some of the tips mentioned in the other post apply here as well. It's worth reviewing.
– Carcigenicate
2 days ago
I know my friend told me to look at his posts as well
– blob786
2 days ago
add a comment |
2
Is this at all related to codereview.stackexchange.com/q/210517/46840?
– Carcigenicate
2 days ago
no thats my friend we go to the same school
– blob786
2 days ago
2
Ahh. I knew it looked familiar. And some of the tips mentioned in the other post apply here as well. It's worth reviewing.
– Carcigenicate
2 days ago
I know my friend told me to look at his posts as well
– blob786
2 days ago
2
2
Is this at all related to codereview.stackexchange.com/q/210517/46840?
– Carcigenicate
2 days ago
Is this at all related to codereview.stackexchange.com/q/210517/46840?
– Carcigenicate
2 days ago
no thats my friend we go to the same school
– blob786
2 days ago
no thats my friend we go to the same school
– blob786
2 days ago
2
2
Ahh. I knew it looked familiar. And some of the tips mentioned in the other post apply here as well. It's worth reviewing.
– Carcigenicate
2 days ago
Ahh. I knew it looked familiar. And some of the tips mentioned in the other post apply here as well. It's worth reviewing.
– Carcigenicate
2 days ago
I know my friend told me to look at his posts as well
– blob786
2 days ago
I know my friend told me to look at his posts as well
– blob786
2 days ago
add a comment |
2 Answers
2
active
oldest
votes
This only addresses one aspect of your code, but I think it's an important point to communicate:
Login systems
If you ever actually need a login system, you should investigate cybersecurity and good practices in more depth. Generally, it's advisable to use an existing reputable library or API to accomplish such a task, since it's easy to make mistakes in your own implementation.
Having said that, there are a few things that are easy for me to notice in your code:
- Use
getpass.getpass
to prompt the password so others cannot see the entered password. - You should never save passwords in plaintext. Hashing and salting are standard security measures employed in all well-implemented password systems.
- Some other things I mentioned in my comment: it would probably be better to lock-out after too many wrong attempts to prevent brute force attacks, and it should probably prevent registration passwords that have identical hashes to those released in common password data dumps. But these are even more outside of the scope of this question's implicit context.
Of course as @jpmc mentions, this is somewhat less relevant for this particular program, since it stores the password locally. But in general, I think starting to consider the security implications of your implementation is important, even if it's just practice.
1
This is all useless considering that it's stored in a plain text file that the user has access to.
– jpmc26
2 days ago
@jpmc26 True, but I really just wanted to make some general points about cybersecurity, hence the caveat need. I also didn't mention that it should probably rate limit for brute force attacks, or prevention of people registering simple passwords are problems. I could, (and will) edit that into my answer. I do agree that Carcigenicate's answer is probably more implementable and immediately useful advice. My intention is communicating a bit of a larger picture idea: cybersecurity is easy to get wrong.
– Graham
2 days ago
add a comment |
FUNCTIONS!
Divide your code into functions to make it more readable. In a couple of places, your code is 12 levels of indentation deep! That's the equivalent of 48 characters!
Spacing
Operators should usually have a space on either side.
with
The best way of opening files is as follows (to make sure it get closed even if there is an error):
with open(...) as f:
...
My modified version is available on repl.it.
could you check my code and modify it if anything is wrong please [codereview.stackexchange.com/questions/210517/…
– colkat406
yesterday
add a comment |
Your Answer
StackExchange.ifUsing("editor", function () {
return StackExchange.using("mathjaxEditing", function () {
StackExchange.MarkdownEditor.creationCallbacks.add(function (editor, postfix) {
StackExchange.mathjaxEditing.prepareWmdForMathJax(editor, postfix, [["\$", "\$"]]);
});
});
}, "mathjax-editing");
StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "196"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
blob786 is a new contributor. Be nice, and check out our Code of Conduct.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fcodereview.stackexchange.com%2fquestions%2f211125%2f2-player-dice-game-with-login-system%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
This only addresses one aspect of your code, but I think it's an important point to communicate:
Login systems
If you ever actually need a login system, you should investigate cybersecurity and good practices in more depth. Generally, it's advisable to use an existing reputable library or API to accomplish such a task, since it's easy to make mistakes in your own implementation.
Having said that, there are a few things that are easy for me to notice in your code:
- Use
getpass.getpass
to prompt the password so others cannot see the entered password. - You should never save passwords in plaintext. Hashing and salting are standard security measures employed in all well-implemented password systems.
- Some other things I mentioned in my comment: it would probably be better to lock-out after too many wrong attempts to prevent brute force attacks, and it should probably prevent registration passwords that have identical hashes to those released in common password data dumps. But these are even more outside of the scope of this question's implicit context.
Of course as @jpmc mentions, this is somewhat less relevant for this particular program, since it stores the password locally. But in general, I think starting to consider the security implications of your implementation is important, even if it's just practice.
1
This is all useless considering that it's stored in a plain text file that the user has access to.
– jpmc26
2 days ago
@jpmc26 True, but I really just wanted to make some general points about cybersecurity, hence the caveat need. I also didn't mention that it should probably rate limit for brute force attacks, or prevention of people registering simple passwords are problems. I could, (and will) edit that into my answer. I do agree that Carcigenicate's answer is probably more implementable and immediately useful advice. My intention is communicating a bit of a larger picture idea: cybersecurity is easy to get wrong.
– Graham
2 days ago
add a comment |
This only addresses one aspect of your code, but I think it's an important point to communicate:
Login systems
If you ever actually need a login system, you should investigate cybersecurity and good practices in more depth. Generally, it's advisable to use an existing reputable library or API to accomplish such a task, since it's easy to make mistakes in your own implementation.
Having said that, there are a few things that are easy for me to notice in your code:
- Use
getpass.getpass
to prompt the password so others cannot see the entered password. - You should never save passwords in plaintext. Hashing and salting are standard security measures employed in all well-implemented password systems.
- Some other things I mentioned in my comment: it would probably be better to lock-out after too many wrong attempts to prevent brute force attacks, and it should probably prevent registration passwords that have identical hashes to those released in common password data dumps. But these are even more outside of the scope of this question's implicit context.
Of course as @jpmc mentions, this is somewhat less relevant for this particular program, since it stores the password locally. But in general, I think starting to consider the security implications of your implementation is important, even if it's just practice.
1
This is all useless considering that it's stored in a plain text file that the user has access to.
– jpmc26
2 days ago
@jpmc26 True, but I really just wanted to make some general points about cybersecurity, hence the caveat need. I also didn't mention that it should probably rate limit for brute force attacks, or prevention of people registering simple passwords are problems. I could, (and will) edit that into my answer. I do agree that Carcigenicate's answer is probably more implementable and immediately useful advice. My intention is communicating a bit of a larger picture idea: cybersecurity is easy to get wrong.
– Graham
2 days ago
add a comment |
This only addresses one aspect of your code, but I think it's an important point to communicate:
Login systems
If you ever actually need a login system, you should investigate cybersecurity and good practices in more depth. Generally, it's advisable to use an existing reputable library or API to accomplish such a task, since it's easy to make mistakes in your own implementation.
Having said that, there are a few things that are easy for me to notice in your code:
- Use
getpass.getpass
to prompt the password so others cannot see the entered password. - You should never save passwords in plaintext. Hashing and salting are standard security measures employed in all well-implemented password systems.
- Some other things I mentioned in my comment: it would probably be better to lock-out after too many wrong attempts to prevent brute force attacks, and it should probably prevent registration passwords that have identical hashes to those released in common password data dumps. But these are even more outside of the scope of this question's implicit context.
Of course as @jpmc mentions, this is somewhat less relevant for this particular program, since it stores the password locally. But in general, I think starting to consider the security implications of your implementation is important, even if it's just practice.
This only addresses one aspect of your code, but I think it's an important point to communicate:
Login systems
If you ever actually need a login system, you should investigate cybersecurity and good practices in more depth. Generally, it's advisable to use an existing reputable library or API to accomplish such a task, since it's easy to make mistakes in your own implementation.
Having said that, there are a few things that are easy for me to notice in your code:
- Use
getpass.getpass
to prompt the password so others cannot see the entered password. - You should never save passwords in plaintext. Hashing and salting are standard security measures employed in all well-implemented password systems.
- Some other things I mentioned in my comment: it would probably be better to lock-out after too many wrong attempts to prevent brute force attacks, and it should probably prevent registration passwords that have identical hashes to those released in common password data dumps. But these are even more outside of the scope of this question's implicit context.
Of course as @jpmc mentions, this is somewhat less relevant for this particular program, since it stores the password locally. But in general, I think starting to consider the security implications of your implementation is important, even if it's just practice.
edited 2 days ago
answered 2 days ago
GrahamGraham
1,126115
1,126115
1
This is all useless considering that it's stored in a plain text file that the user has access to.
– jpmc26
2 days ago
@jpmc26 True, but I really just wanted to make some general points about cybersecurity, hence the caveat need. I also didn't mention that it should probably rate limit for brute force attacks, or prevention of people registering simple passwords are problems. I could, (and will) edit that into my answer. I do agree that Carcigenicate's answer is probably more implementable and immediately useful advice. My intention is communicating a bit of a larger picture idea: cybersecurity is easy to get wrong.
– Graham
2 days ago
add a comment |
1
This is all useless considering that it's stored in a plain text file that the user has access to.
– jpmc26
2 days ago
@jpmc26 True, but I really just wanted to make some general points about cybersecurity, hence the caveat need. I also didn't mention that it should probably rate limit for brute force attacks, or prevention of people registering simple passwords are problems. I could, (and will) edit that into my answer. I do agree that Carcigenicate's answer is probably more implementable and immediately useful advice. My intention is communicating a bit of a larger picture idea: cybersecurity is easy to get wrong.
– Graham
2 days ago
1
1
This is all useless considering that it's stored in a plain text file that the user has access to.
– jpmc26
2 days ago
This is all useless considering that it's stored in a plain text file that the user has access to.
– jpmc26
2 days ago
@jpmc26 True, but I really just wanted to make some general points about cybersecurity, hence the caveat need. I also didn't mention that it should probably rate limit for brute force attacks, or prevention of people registering simple passwords are problems. I could, (and will) edit that into my answer. I do agree that Carcigenicate's answer is probably more implementable and immediately useful advice. My intention is communicating a bit of a larger picture idea: cybersecurity is easy to get wrong.
– Graham
2 days ago
@jpmc26 True, but I really just wanted to make some general points about cybersecurity, hence the caveat need. I also didn't mention that it should probably rate limit for brute force attacks, or prevention of people registering simple passwords are problems. I could, (and will) edit that into my answer. I do agree that Carcigenicate's answer is probably more implementable and immediately useful advice. My intention is communicating a bit of a larger picture idea: cybersecurity is easy to get wrong.
– Graham
2 days ago
add a comment |
FUNCTIONS!
Divide your code into functions to make it more readable. In a couple of places, your code is 12 levels of indentation deep! That's the equivalent of 48 characters!
Spacing
Operators should usually have a space on either side.
with
The best way of opening files is as follows (to make sure it get closed even if there is an error):
with open(...) as f:
...
My modified version is available on repl.it.
could you check my code and modify it if anything is wrong please [codereview.stackexchange.com/questions/210517/…
– colkat406
yesterday
add a comment |
FUNCTIONS!
Divide your code into functions to make it more readable. In a couple of places, your code is 12 levels of indentation deep! That's the equivalent of 48 characters!
Spacing
Operators should usually have a space on either side.
with
The best way of opening files is as follows (to make sure it get closed even if there is an error):
with open(...) as f:
...
My modified version is available on repl.it.
could you check my code and modify it if anything is wrong please [codereview.stackexchange.com/questions/210517/…
– colkat406
yesterday
add a comment |
FUNCTIONS!
Divide your code into functions to make it more readable. In a couple of places, your code is 12 levels of indentation deep! That's the equivalent of 48 characters!
Spacing
Operators should usually have a space on either side.
with
The best way of opening files is as follows (to make sure it get closed even if there is an error):
with open(...) as f:
...
My modified version is available on repl.it.
FUNCTIONS!
Divide your code into functions to make it more readable. In a couple of places, your code is 12 levels of indentation deep! That's the equivalent of 48 characters!
Spacing
Operators should usually have a space on either side.
with
The best way of opening files is as follows (to make sure it get closed even if there is an error):
with open(...) as f:
...
My modified version is available on repl.it.
answered 2 days ago
Solomon UckoSolomon Ucko
1,030414
1,030414
could you check my code and modify it if anything is wrong please [codereview.stackexchange.com/questions/210517/…
– colkat406
yesterday
add a comment |
could you check my code and modify it if anything is wrong please [codereview.stackexchange.com/questions/210517/…
– colkat406
yesterday
could you check my code and modify it if anything is wrong please [codereview.stackexchange.com/questions/210517/…
– colkat406
yesterday
could you check my code and modify it if anything is wrong please [codereview.stackexchange.com/questions/210517/…
– colkat406
yesterday
add a comment |
blob786 is a new contributor. Be nice, and check out our Code of Conduct.
blob786 is a new contributor. Be nice, and check out our Code of Conduct.
blob786 is a new contributor. Be nice, and check out our Code of Conduct.
blob786 is a new contributor. Be nice, and check out our Code of Conduct.
Thanks for contributing an answer to Code Review Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
Use MathJax to format equations. MathJax reference.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fcodereview.stackexchange.com%2fquestions%2f211125%2f2-player-dice-game-with-login-system%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
2
Is this at all related to codereview.stackexchange.com/q/210517/46840?
– Carcigenicate
2 days ago
no thats my friend we go to the same school
– blob786
2 days ago
2
Ahh. I knew it looked familiar. And some of the tips mentioned in the other post apply here as well. It's worth reviewing.
– Carcigenicate
2 days ago
I know my friend told me to look at his posts as well
– blob786
2 days ago