On Tue, Sep 22, 2015 at 04:01:51PM +0000, Brett Cannon wrote:
Out of this whole proposal, this password function is the one I'm most worried about. As someone who has a project whose entire job is to generate consistent passwords, I can tell you it's a messy business that will just lead to never-ending complaints about "why didn't you include this as part of password alphabet" or "why did you choose that length". It just isn't worth the hassle when it isn't going to impact a majority of Python users. This can be something that web frameworks and other folks worry about.
I too feel a quiet unease about password(), although I don't have anything concrete to pin it on. I'm happy to be guided by people with more experience in this realm. What if we called it simple_password() and made it clear that it wasn't intended as an all-singing, all-dancing password generator? -- Steve