[issue17006] Warn users about hashing secrets?
STINNER Victor
report at bugs.python.org
Mon Nov 18 00:05:47 CET 2013
STINNER Victor added the comment:
> For passwords a key stretching and key derivation function like PBKDF2, bcrypt or scrypt is much more secure.
It looks like Python 3.4 now provides something for pbkdf2, so it may be interested to mention it on the top of the hashlib in your warning.
http://docs.python.org/dev/library/hashlib.html#hashlib.pbkdf2_hmac
----------
nosy: +haypo
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue17006>
_______________________________________
More information about the Python-bugs-list
mailing list