[docs] [issue33360] ALternative recipe for password using secrets

Juan Postlbauer report at bugs.python.org
Wed Apr 25 18:58:37 EDT 2018 

New submission from Juan Postlbauer <jpc4242 at gmail.com>:

Chapter 15.3.4 shows a recipe with an infinite potential loop.
An alternative would be:

''.join(sorted([choice(string.ascii_lowercase) for i in range(1)]+[choice(string.ascii_uppercase) for i in range(1)]+[choice(string.digits) for i in range(3)]+[choice(string.ascii_letters+string.digits) for i in range(10-(1+1+3))],key=lambda x:randbelow(4096)))

Can we assume secrets.SystemRandom is cryptographically strong but has all the methods of random??
If so it can be done in a more understandable way by using choices and shuffle. (see 2 examples below)

def generate_password_random(totalchars=10,minlower=1,minupper=1,mindigits=3):
    restcount= totalchars-(minlower+minupper+mindigits)
    if restcount<0:
        raise ValueError("Impossible conditions")
    lowerchars=random.choices(string.ascii_lowercase,k=minlower)
    upperchars=random.choices(string.ascii_uppercase,k=minupper)
    digitchars=random.choices(string.digits,k=mindigits)
    restchars=random.choices(string.ascii_letters+string.digits,k=restcount)
    allchars=lowerchars+upperchars+digitchars+restchars
    random.shuffle(allchars)
    password=''.join(allchars)
    return password

def generate_password_secrets(totalchars=10,minlower=1,minupper=1,mindigits=3):
    restcount= totalchars- (minlower+minupper+mindigits)
    if restcount<0:
        raise ValueError("Impossible conditions")
    lowerchars=[secrets.choice(string.ascii_lowercase) for _ in range(minlower)]
    upperchars=[secrets.choice(string.ascii_uppercase) for _ in range(minupper)]
    digitchars=[secrets.choice(string.digits) for _ in range (mindigits)]
    restchars=[secrets.choice(string.ascii_letters+string.digits) for _ in range (restcount)]
    allchars=lowerchars+upperchars+digitchars+restchars
    allchars.sort(key=lambda x:secrets.randbelow(4096))
    password=''.join(allchars)
    return password

----------
assignee: docs at python
components: Documentation
messages: 315763
nosy: docs at python, jpc4242
priority: normal
severity: normal
status: open
title: ALternative recipe for password using secrets
type: enhancement
versions: Python 3.6

_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue33360>
_______________________________________

More information about the docs mailing list