Security Path

Secure input, password generation, encryption, and two-factor authentication.

graph TD
    getpass["getpass-tty"] --> randpw["random-password"]
    randpw --> fernet["fernet-encryption"]
    fernet --> pyotp["pyotp-docker"]

    style getpass fill:#ffebee,stroke:#c62828
    style randpw fill:#ffebee,stroke:#c62828
    style fernet fill:#ffebee,stroke:#c62828
    style pyotp fill:#ffebee,stroke:#c62828

    click getpass "../wiki/lightning-talks/getpass-tty/"
    click randpw "../wiki/lightning-talks/random-password/"
    click fernet "../wiki/lightning-talks/fernet-database-encryption/"
    click pyotp "../wiki/lightning-talks/pyotp-docker/"

The Sequence

1. getpass & TTY — Secure password input with getpass, terminal detection with isatty(). Stdlib only.
2. Random Password — Cryptographically secure random generation with secrets, entropy calculation, password strategies.
3. Fernet Database Encryption — Symmetric encryption at rest with SQLAlchemy. Encrypt PII in database columns.
4. PyOTP + Docker — Time-based one-time passwords (TOTP) for 2FA, packaged in a Docker container.

Where to Go Next

• PyOTP + Docker connects to → Packaging & Distribution (containerization)
• Fernet uses SQLAlchemy — explore the database-talk repo for more database content