[Python-ideas] Strong password hashing algorithms in the standard library

Terry Chia terrycwk1994 at gmail.com
Wed Jan 8 11:16:47 CET 2014


Hi all,

I would like to propose that a new library for strong password hashing
algorithms[1] be included in the standard library. The proposed library
should have implementations of one or more strong password hashes like
pbkdf2, bcrypt or scrypt.

There already exist third-party libraries like passlib[2] that accomplish
the same thing but I feel that inclusion of the algorithms in the standard
library would do a lot to help people that are not as security-aware to do
the right thing when it comes to password storage.

Alternatively, if the idea of adding the algorithms into the standard
library does not have much support, I would like to see a warning added to
the hashlib[3] documentation discouraging its use for password hashing.

Thoughts?

Cheers,
Terry

[1] http://security.stackexchange.com/q/211/10211
[2] https://code.google.com/p/passlib/
[3] http://docs.python.org/2/library/hashlib.html