Template language for random string generation
Devin Jeanpierre
jeanpierreda at gmail.com
Mon Aug 11 03:01:58 EDT 2014
On Sun, Aug 10, 2014 at 7:22 PM, Steven D'Aprano
<steve+comp.lang.python at pearwood.info> wrote:
> Devin Jeanpierre wrote:
>
>> On Sun, Aug 10, 2014 at 9:31 AM, Steven D'Aprano
>> <steve+comp.lang.python at pearwood.info> wrote:
>
>>> I don't think that using a good, but not cryptographically-strong, random
>>> number generator to generate passwords is a serious vulnerability. What's
>>> your threat model?
>>
>> I've always wanted a password generator that worked on the fly based
>> off of a master password. If the passwords are generated randomly but
>> not cryptographically securely so, then given sufficiently many
>> passwords, the master password might be deduced.
>
> o_O
>
> So, what you're saying is that you're concerned that if an attacker has all
> your passwords, they might be able to generate new passwords?
No, I meant what I said. I was pretty specific.
-- Devin
More information about the Python-list
mailing list