Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.lang.python > #24834
| References | (3 earlier) <mailman.1631.1340982202.4697.python-list@python.org> <EaAHr.369967$of1.132220@fx06.am4> <mailman.1753.1341338042.4697.python-list@python.org> <jsvd15$86m$1@reader1.panix.com> <CALwzidkL4bgmRnOZjDGgy0kVWdY=duoQonNrjSyT7_9dQqtNCg@mail.gmail.com> |
|---|---|
| Date | 2012-07-04 07:51 +1000 |
| Subject | Re: code review |
| From | Chris Angelico <rosuav@gmail.com> |
| Newsgroups | comp.lang.python |
| Message-ID | <mailman.1761.1341352280.4697.python-list@python.org> (permalink) |
On Wed, Jul 4, 2012 at 4:27 AM, Ian Kelly <ian.g.kelly@gmail.com> wrote: > On Tue, Jul 3, 2012 at 12:18 PM, John Gordon <gordon@panix.com> wrote: >> As a practical matter, doesn't there have to be *some* sort of limit? >> For example if the (encrypted) password is stored in a database, you can't >> exceed the table column width. > > Hopefully you're storing password hashes, not encrypted passwords > (which can all too easily be DEcrypted), and the length of the hash is > not dependent on the length of the password. But yes, there are > certainly practical concerns here. With a hash length of N bits, there's not much use accepting passwords longer than about N/4 or N/2 bytes. (It would be N/8 except that most people don't invent passwords that use the entire available alphabet. And of course, this ignores issues of encodings, but I'm pretty sure all current crypto hashes work with bytes not characters anyway.) But please, don't limit password lengths too much. Make your password system XKCD 936 compliant: http://xkcd.com/936/ Permit long passwords consisting of nothing but lowercase letters. They really aren't as insecure as some people think! ChrisA
Back to comp.lang.python | Previous | Next — Previous in thread | Next in thread | Find similar | Unroll thread
code review "Littlefield, Tyler" <tyler@tysdomain.com> - 2012-06-28 20:57 -0600
Re: code review alex23 <wuwei23@gmail.com> - 2012-06-28 20:58 -0700
Re: code review Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2012-06-29 07:31 +0000
Re: code review Chris Angelico <rosuav@gmail.com> - 2012-06-29 17:42 +1000
Re: code review "Littlefield, Tyler" <tyler@tysdomain.com> - 2012-06-29 09:03 -0600
Re: code review Alister <alister.ware@ntlworld.com> - 2012-06-29 19:41 +0000
Re: code review MRAB <python@mrabarnett.plus.com> - 2012-06-29 21:09 +0100
Re: code review "Martin P. Hellwig" <martin.hellwig@gmail.com> - 2012-06-29 13:27 -0700
Re: code review Alister <alister.ware@ntlworld.com> - 2012-06-29 20:43 +0000
Re: code review Dennis Lee Bieber <wlfraed@ix.netcom.com> - 2012-06-29 19:02 -0400
Re: code review Terry Reedy <tjreedy@udel.edu> - 2012-06-29 23:02 -0400
Re: code review "Littlefield, Tyler" <tyler@tysdomain.com> - 2012-06-29 14:49 -0600
Re: code review Alister <alister.ware@ntlworld.com> - 2012-06-30 09:31 +0000
Re: code review Alister <alister.ware@ntlworld.com> - 2012-06-30 09:36 +0000
Re: code review Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2012-06-30 02:28 +0000
Re: code review Alister <alister.ware@ntlworld.com> - 2012-06-30 09:22 +0000
Re: code review Terry Reedy <tjreedy@udel.edu> - 2012-06-29 23:00 -0400
Re: code review Alister <alister.ware@ntlworld.com> - 2012-06-30 10:04 +0000
Re: code review Peter Otten <__peter__@web.de> - 2012-06-30 12:29 +0200
Re: code review Thomas 'PointedEars' Lahn <PointedEars@web.de> - 2012-06-30 20:39 +0200
Re: code review Thomas Jollans <t@jollybox.de> - 2012-06-30 21:38 +0200
Re: code review Alister <alister.ware@ntlworld.com> - 2012-06-30 20:30 +0000
Re: code review Thomas Jollans <t@jollybox.de> - 2012-06-30 22:50 +0200
Re: code review Alain Ketterlin <alain@dpt-info.u-strasbg.fr> - 2012-06-30 23:07 +0200
Re: code review Thomas Jollans <t@jollybox.de> - 2012-06-30 23:35 +0200
Re: code review Terry Reedy <tjreedy@udel.edu> - 2012-06-30 17:47 -0400
Re: code review Thomas Jollans <t@jollybox.de> - 2012-07-01 00:05 +0200
Re: code review Alain Ketterlin <alain@dpt-info.u-strasbg.fr> - 2012-07-01 01:03 +0200
Re: code review Ben Finney <ben+python@benfinney.id.au> - 2012-07-01 10:08 +1000
Re: code review Chris Angelico <rosuav@gmail.com> - 2012-07-01 10:37 +1000
Re: code review Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2012-07-01 03:23 +0000
Re: code review Chris Angelico <rosuav@gmail.com> - 2012-07-01 13:48 +1000
Re: code review Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2012-07-01 06:54 +0000
Re: code review Chris Angelico <rosuav@gmail.com> - 2012-07-01 16:59 +1000
Re: code review Terry Reedy <tjreedy@udel.edu> - 2012-07-01 05:55 -0400
Re: code review Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2012-07-02 01:26 +0000
Re: code review Albert van der Horst <albert@spenarnc.xs4all.nl> - 2012-07-13 12:30 +0000
Re: code review Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2012-07-13 15:04 +0000
Re: code review Chris Angelico <rosuav@gmail.com> - 2012-07-14 01:36 +1000
Re: code review rusi <rustompmody@gmail.com> - 2012-07-13 09:24 -0700
Re: code review Dennis Lee Bieber <wlfraed@ix.netcom.com> - 2012-07-13 16:39 -0400
Re: code review Duncan Booth <duncan.booth@invalid.invalid> - 2012-07-16 10:43 +0000
Re: code review Ben Finney <ben+python@benfinney.id.au> - 2012-07-16 21:34 +1000
Re: code review Albert van der Horst <albert@spenarnc.xs4all.nl> - 2012-07-17 10:54 +0000
Re: code review Terry Reedy <tjreedy@udel.edu> - 2012-07-13 19:09 -0400
Re: code review Ian Kelly <ian.g.kelly@gmail.com> - 2012-07-14 03:26 -0600
Re: code review Terry Reedy <tjreedy@udel.edu> - 2012-07-14 16:42 -0400
Re: code review rusi <rustompmody@gmail.com> - 2012-06-30 21:07 -0700
Re: code review Chris Angelico <rosuav@gmail.com> - 2012-07-01 14:20 +1000
Re: code review Ben Finney <ben+python@benfinney.id.au> - 2012-07-01 17:28 +1000
Re: code review Thomas Jollans <t@jollybox.de> - 2012-07-01 09:46 +0200
Re: code review HoneyMonster <nobody@someplace.invalid> - 2012-07-01 20:53 +0000
Re: code review Devin Jeanpierre <jeanpierreda@gmail.com> - 2012-07-01 05:18 -0400
Re: code review Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2012-07-02 00:41 +0000
Re: code review Devin Jeanpierre <jeanpierreda@gmail.com> - 2012-07-01 21:40 -0400
Re: code review Dennis Lee Bieber <wlfraed@ix.netcom.com> - 2012-07-01 13:41 -0400
Re: code review John O'Hagan <research@johnohagan.com> - 2012-07-02 14:43 +1000
Re: Re: code review Evan Driscoll <driscoll@cs.wisc.edu> - 2012-06-30 23:45 -0500
Re: Re: code review Thomas 'PointedEars' Lahn <PointedEars@web.de> - 2012-07-01 08:57 +0200
Re: code review Alister <alister.ware@ntlworld.com> - 2012-07-01 09:54 +0000
Re: Re: code review Evan Driscoll <driscoll@cs.wisc.edu> - 2012-07-01 10:48 -0500
Re: Re: code review lars van gemerden <lars@rational-it.com> - 2012-07-06 04:22 -0700
Re: Re: code review lars van gemerden <lars@rational-it.com> - 2012-07-06 04:22 -0700
Re: code review Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2012-07-06 13:58 +0000
Re: code review Roy Smith <roy@panix.com> - 2012-07-13 08:32 -0700
Re: code review Evan Driscoll <driscoll@cs.wisc.edu> - 2012-06-30 23:57 -0500
Re: code review Thomas 'PointedEars' Lahn <PointedEars@web.de> - 2012-07-01 09:04 +0200
Re: code review Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2012-07-01 02:06 +0000
Re: code review Chris Angelico <rosuav@gmail.com> - 2012-07-01 12:20 +1000
Re: code review Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2012-07-01 04:17 +0000
Re: code review Chris Angelico <rosuav@gmail.com> - 2012-07-01 14:23 +1000
Re: code review Steven D'Aprano <steve+usenet@pearwood.info> - 2012-07-01 06:27 +0000
Re: code review Chris Angelico <rosuav@gmail.com> - 2012-07-01 16:33 +1000
Re: code review Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2012-07-02 01:28 +0000
Re: code review Devin Jeanpierre <jeanpierreda@gmail.com> - 2012-07-01 21:50 -0400
Re: code review Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2012-07-02 07:29 +0000
Re: code review Chris Angelico <rosuav@gmail.com> - 2012-07-02 12:04 +1000
Re: code review Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2012-07-02 08:11 +0000
Re: code review Chris Angelico <rosuav@gmail.com> - 2012-07-02 18:20 +1000
Re: code review Rick Johnson <rantingrickjohnson@gmail.com> - 2012-07-02 08:57 -0700
Re: code review Chris Angelico <rosuav@gmail.com> - 2012-07-03 02:42 +1000
Re: code review Rick Johnson <rantingrickjohnson@gmail.com> - 2012-07-02 11:22 -0700
Re: code review Thomas Jollans <t@jollybox.de> - 2012-07-02 21:06 +0200
Re: code review Rick Johnson <rantingrickjohnson@gmail.com> - 2012-07-02 12:35 -0700
Re: code review Chris Angelico <rosuav@gmail.com> - 2012-07-03 07:57 +1000
Re: code review Neil Cerutti <neilc@norwich.edu> - 2012-07-03 12:19 +0000
Re: code review Dennis Lee Bieber <wlfraed@ix.netcom.com> - 2012-07-02 01:20 -0400
Re: code review Thomas Jollans <t@jollybox.de> - 2012-07-02 16:41 +0200
Re: code review Terry Reedy <tjreedy@udel.edu> - 2012-07-02 11:33 -0400
Re: code review Thomas Jollans <t@jollybox.de> - 2012-07-01 09:35 +0200
Re: code review Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2012-07-02 00:43 +0000
Re: code review Thomas Jollans <t@jollybox.de> - 2012-07-02 16:26 +0200
Re: code review Rick Johnson <rantingrickjohnson@gmail.com> - 2012-07-02 08:16 -0700
Re: code review Chris Angelico <rosuav@gmail.com> - 2012-07-03 02:55 +1000
Re: code review Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2012-07-03 00:57 +0000
Re: code review Chris Angelico <rosuav@gmail.com> - 2012-07-03 11:22 +1000
Re: code review John O'Hagan <research@johnohagan.com> - 2012-07-03 12:25 +1000
Re: code review Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2012-07-03 04:11 +0000
Re: code review Dennis Lee Bieber <wlfraed@ix.netcom.com> - 2012-07-03 02:09 -0400
Re: code review Roy Smith <roy@panix.com> - 2012-07-03 08:33 -0400
Re: code review Mark Lawrence <breamoreboy@yahoo.co.uk> - 2012-07-03 16:53 +0100
Re: code review Dennis Lee Bieber <wlfraed@ix.netcom.com> - 2012-07-03 17:32 -0400
Re: code review rusi <rustompmody@gmail.com> - 2012-07-02 22:10 -0700
Re: code review Ben Finney <ben+python@benfinney.id.au> - 2012-07-03 15:46 +1000
Re: code review John O'Hagan <research@johnohagan.com> - 2012-07-04 00:59 +1000
Re: code review Mark Lawrence <breamoreboy@yahoo.co.uk> - 2012-07-03 16:50 +0100
Re: code review Paul Rudin <paul.nospam@rudin.co.uk> - 2012-07-04 10:29 +0100
Re: code review Mark Lawrence <breamoreboy@yahoo.co.uk> - 2012-07-04 17:25 +0100
Re: code review Chris Angelico <rosuav@gmail.com> - 2012-07-04 01:53 +1000
Re: code review Mark Lawrence <breamoreboy@yahoo.co.uk> - 2012-07-03 17:05 +0100
Re: code review Dave Angel <d@davea.name> - 2012-07-03 16:13 -0400
Re: code review Chris Angelico <rosuav@gmail.com> - 2012-07-04 07:54 +1000
Re: code review Mark Lawrence <breamoreboy@yahoo.co.uk> - 2012-07-04 09:28 +0100
Re: code review rusi <rustompmody@gmail.com> - 2012-06-30 19:37 -0700
Re: code review Chris Angelico <rosuav@gmail.com> - 2012-07-01 09:25 +1000
Re: code review Thomas Jollans <t@jollybox.de> - 2012-07-01 01:50 +0200
Re: code review "Martin P. Hellwig" <martin.hellwig@gmail.com> - 2012-06-30 14:48 -0700
Re: code review Ian Kelly <ian.g.kelly@gmail.com> - 2012-07-02 13:16 -0600
Re: code review Alister <alister.ware@ntlworld.com> - 2012-06-30 20:25 +0000
Re: code review Kushal Kumaran <kushal.kumaran+python@gmail.com> - 2012-07-03 23:23 +0530
Re: code review John Gordon <gordon@panix.com> - 2012-07-03 18:18 +0000
Re: code review Ian Kelly <ian.g.kelly@gmail.com> - 2012-07-03 12:27 -0600
Re: code review Chris Angelico <rosuav@gmail.com> - 2012-07-04 07:51 +1000
Re: code review Ian Kelly <ian.g.kelly@gmail.com> - 2012-07-03 12:19 -0600
Re: code review kushal.kumaran+python@gmail.com - 2012-07-04 08:27 +0530
Re: code review Chris Angelico <rosuav@gmail.com> - 2012-07-04 13:53 +1000
Re: code review Simon Cropper <simoncropper@fossworkflowguides.com> - 2012-07-04 14:55 +1000
Re: code review "Littlefield, Tyler" <tyler@tysdomain.com> - 2012-07-03 23:39 -0600
Re: code review alex23 <wuwei23@gmail.com> - 2012-07-03 23:17 -0700
Re: code review rusi <rustompmody@gmail.com> - 2012-07-04 00:05 -0700
Apology for OT posts (was: code review) John O'Hagan <research@johnohagan.com> - 2012-07-06 12:06 +1000
Re: Apology for OT posts Simon Cropper <simoncropper@fossworkflowguides.com> - 2012-07-06 15:30 +1000
Re: Apology for OT posts Chris Angelico <rosuav@gmail.com> - 2012-07-06 17:45 +1000
Re: Apology for OT posts Mark Lawrence <breamoreboy@yahoo.co.uk> - 2012-07-06 10:37 +0100
csiph-web