Message 203225 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	vstinner
Recipients	Ramchandra Apte, alex, asvetlov, christian.heimes, docs@python, ezio.melotti, giampaolo.rodola, hynek, vstinner
Date	2013-11-17.23:05:47
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1384729547.18.0.0955878925289.issue17006@psf.upfronthosting.co.za>
In-reply-to

Content
> For passwords a key stretching and key derivation function like PBKDF2, bcrypt or scrypt is much more secure. It looks like Python 3.4 now provides something for pbkdf2, so it may be interested to mention it on the top of the hashlib in your warning. http://docs.python.org/dev/library/hashlib.html#hashlib.pbkdf2_hmac

> For passwords a key stretching and key derivation function like PBKDF2, bcrypt or scrypt is much more secure.

It looks like Python 3.4 now provides something for pbkdf2, so it may be interested to mention it on the top of the hashlib in your warning.

http://docs.python.org/dev/library/hashlib.html#hashlib.pbkdf2_hmac

History
Date	User	Action	Args
2013-11-17 23:05:47	vstinner	set	recipients: + vstinner, giampaolo.rodola, christian.heimes, ezio.melotti, alex, asvetlov, docs@python, Ramchandra Apte, hynek
2013-11-17 23:05:47	vstinner	set	messageid: <1384729547.18.0.0955878925289.issue17006@psf.upfronthosting.co.za>
2013-11-17 23:05:47	vstinner	link	issue17006 messages
2013-11-17 23:05:47	vstinner	create