This beginner-friendly tutorial walks through building a Password Security Suite using Python + Tkinter.
Weβll break the app into small, understandable steps, with short code blocks and explanationsβperfect for a Dev.to article or learning project.
π§° What Weβre Building
By the end, youβll have a desktop app that can:
Generate secure passwords
Calculate password entropy
Estimate crack time
Visually show password strength
Copy passwords safely (auto-clear clipboard)
Keep a password history vault
Export passwords to a .txt file
Check passwords against data breaches (HIBP API)
Toggle dark mode
π¦ Step 1: Imports and Dependencies
We start by importing all required modules.
import sys
import os
import random
import string
import math
import time
import hashlib
import threading
import requests
import tkinter as tk
from tkinter import ttk, messagebox, filedialog
import sv_ttk
Why these modules?
tkinter / ttk β GUI
random / string β password generation
math β entropy calculation
hashlib β SHA-1 hashing
requests β breach API check
threading / time β clipboard auto-clear
sv_ttk β modern UI theme
π Step 2: Helper Functions
Resource Path (for packaging later)
def resource_path(file_name):
base_path = getattr(sys, "_MEIPASS", os.path.dirname(os.path.abspath(__file__)))
return os.path.join(base_path, file_name)
This ensures assets work both in development and bundled apps (like PyInstaller).
Status Bar Updates
def set_status(msg):
status_var.set(msg)
root.update_idletasks()
Used to give live feedback to the user.
πͺ Step 3: App Window Setup
root = tk.Tk()
root.title("Password Security Suite")
root.geometry("720x680")
sv_ttk.set_theme("light")
We create the main window and apply a modern light theme.
π Step 4: Global State Variables
dark_mode_var = tk.BooleanVar(value=False)
show_password_var = tk.BooleanVar(value=False)
password_var = tk.StringVar()
entropy_var = tk.StringVar(value="Entropy: β bits")
crack_time_var = tk.StringVar(value="Time to crack: β")
Tkinter variables automatically update UI widgets.
Password Options
length_var = tk.IntVar(value=14)
use_upper = tk.BooleanVar(value=True)
use_lower = tk.BooleanVar(value=True)
use_digits = tk.BooleanVar(value=True)
use_symbols = tk.BooleanVar(value=True)
These control how passwords are generated.
π¨ Step 5: Dark Mode Toggle
def toggle_theme():
bg = "#2E2E2E" if dark_mode_var.get() else "#FFFFFF"
fg = "white" if dark_mode_var.get() else "black"
root.configure(bg=bg)
for w in ["TFrame", "TLabel", "TLabelframe", "TLabelframe.Label", "TCheckbutton"]:
style.configure(w, background=bg, foreground=fg)
Switches colors dynamically when the user enables dark mode.
π’ Step 6: Password Entropy Calculation
def calculate_entropy(pwd):
pool = 0
if any(c.islower() for c in pwd): pool += 26
if any(c.isupper() for c in pwd): pool += 26
if any(c.isdigit() for c in pwd): pool += 10
if any(c in string.punctuation for c in pwd): pool += len(string.punctuation)
return round(len(pwd) * math.log2(pool), 2) if pool else 0
Entropy measures how hard a password is to guess.
β³ Step 7: Crack Time Estimation
GUESSES_PER_SECOND = 1e10
def estimate_crack_time(entropy):
guesses = 2 ** entropy
seconds = guesses / GUESSES_PER_SECOND
units = [("years", 31536000), ("days", 86400), ("hours", 3600), ("minutes", 60)]
for name, div in units:
if seconds >= div:
return f"{seconds/div:.2f} {name}"
return f"{seconds:.2f} seconds"
This assumes a realistic offline brute-force attack.
π Step 8: Strength Visualization
def update_strength_visuals(entropy):
progress["value"] = min(entropy, 100)
if entropy < 40:
color, label = "red", "Weak β"
elif entropy < 60:
color, label = "orange", "Medium β οΈ"
elif entropy < 80:
color, label = "green", "Strong β
"
else:
color, label = "purple", "Very Strong π₯"
style.configure("Entropy.Horizontal.TProgressbar", background=color)
strength_label.config(text=label)
Users instantly see how strong their password is.
π Step 9: Password Generation
def generate_password():
chars = ""
if use_upper.get(): chars += string.ascii_uppercase
if use_lower.get(): chars += string.ascii_lowercase
if use_digits.get(): chars += string.digits
if use_symbols.get(): chars += string.punctuation
if not chars:
messagebox.showwarning("Error", "Select at least one character type.")
return
pwd = "".join(random.choice(chars) for _ in range(length_var.get()))
password_var.set(pwd)
evaluate_password(pwd)
add_to_history(pwd)
check_breach(pwd)
π Step 10: Clipboard Auto-Clear
def copy_password():
root.clipboard_clear()
root.clipboard_append(password_var.get())
threading.Thread(target=clear_clipboard_timer, daemon=True).start()
def clear_clipboard_timer():
time.sleep(15)
root.clipboard_clear()
This prevents passwords from lingering in memory.
π Step 11: Export Password History
def export_history_txt():
file_path = filedialog.asksaveasfilename(defaultextension=".txt")
if not file_path:
return
with open(file_path, "w") as f:
for i, pwd in enumerate(password_history, 1):
f.write(f"{i}. {pwd}\n")
Allows safe offline storage.
π¨ Step 12: Breach Detection (HIBP)
def check_breach(pwd):
sha1 = hashlib.sha1(pwd.encode()).hexdigest().upper()
prefix, suffix = sha1[:5], sha1[5:]
res = requests.get(f"https://api.pwnedpasswords.com/range/{prefix}")
for line in res.text.splitlines():
if suffix in line:
messagebox.showwarning("Breach Found", "Password found in breaches!")
Uses k-anonymity, so the full password is never sent.
𧱠Step 13: UI Layout (Tkinter)
We use Frame, Label, Entry, Button, and Progressbar widgets to build the interface.
This section is mostly visual, so feel free to experiment with spacing and styles.
βΆοΈ Step 14: Run the App
root.mainloop()
This starts the Tkinter event loop.
π Final Thoughts
Youβve built a real-world security-focused desktop app with:
Cryptography
API usage
Threading
UI design
Perfect for:
Portfolios
Learning Python GUIs
Security fundamentals
Happy hacking! π
Top comments (0)