Prev: ANN: Leo 4.7 final released
Next: AKKA vs Python
From: Aahz on 28 Feb 2010 02:28
In article <mailman.247.1267115557.4577.python-list(a)python.org>,
Robert Kern <robert.kern(a)gmail.com> wrote:
>
>If you are storing the password instead of making your user remember
>it, most platforms have some kind of keychain secure password
>storage. I recommend reading up on the APIs available on your targeted
>platforms.

Are you sure? I haven't done a lot of research, but my impression was
that Windows didn't have anything built in.
--
Aahz (aahz(a)pythoncraft.com) <*> http://www.pythoncraft.com/

"Many customs in this life persist because they ease friction and promote
productivity as a result of universal agreement, and whether they are
precisely the optimal choices is much less important." --Henry Spencer
From: Paul Rubin on 28 Feb 2010 03:43
aahz(a)pythoncraft.com (Aahz) writes:
> Are you sure? I haven't done a lot of research, but my impression was
> that Windows didn't have anything built in.

I don't know much about the windows but there is the CAPI and then
there is all the TCPA (i.e. DRM) stuff. Maybe it can be used somehow.
From: Robert Kern on 2 Mar 2010 11:37
On 2010-02-28 01:28 AM, Aahz wrote:
> In article<mailman.247.1267115557.4577.python-list(a)python.org>,
> Robert Kern<robert.kern(a)gmail.com> wrote:
>>
>> If you are storing the password instead of making your user remember
>> it, most platforms have some kind of keychain secure password
>> storage. I recommend reading up on the APIs available on your targeted
>> platforms.
>
> Are you sure? I haven't done a lot of research, but my impression was
> that Windows didn't have anything built in.

You're right, not built-in, but Windows does provide enough crypto services for
a cross-platform Python implementation to be built:

http://pypi.python.org/pypi/keyring

--
Robert Kern

"I have come to believe that the whole world is an enigma, a harmless enigma
that is made terrible by our own mad attempt to interpret it as though it had
an underlying truth."
-- Umberto Eco

From: Aahz on 2 Mar 2010 17:59
In article <mailman.120.1267548006.23598.python-list(a)python.org>,
Robert Kern <robert.kern(a)gmail.com> wrote:
>On 2010-02-28 01:28 AM, Aahz wrote:
>> In article<mailman.247.1267115557.4577.python-list(a)python.org>,
>> Robert Kern<robert.kern(a)gmail.com> wrote:
>>>
>>> If you are storing the password instead of making your user remember
>>> it, most platforms have some kind of keychain secure password
>>> storage. I recommend reading up on the APIs available on your targeted
>>> platforms.
>>
>> Are you sure? I haven't done a lot of research, but my impression was
>> that Windows didn't have anything built in.
>
>You're right, not built-in, but Windows does provide enough crypto
>services for a cross-platform Python implementation to be built:
>
> http://pypi.python.org/pypi/keyring

Thanks you! That's a big help!
--
Aahz (aahz(a)pythoncraft.com) <*> http://www.pythoncraft.com/

"Many customs in this life persist because they ease friction and promote
productivity as a result of universal agreement, and whether they are
precisely the optimal choices is much less important." --Henry Spencer
From: Lie Ryan on 2 Mar 2010 22:51
On 02/25/2010 06:16 AM, mk wrote:
> On 2010-02-24 20:01, Robert Kern wrote:
>> I will repeat my advice to just use random.SystemRandom.choice() instead
>> of trying to interpret the bytes from /dev/urandom directly.
>
> Out of curiosity:
>
> def gen_rand_string(length):
> prng = random.SystemRandom()
> chars = []
> for i in range(length):
> chars.append(prng.choice('abcdefghijklmnopqrstuvwxyz'))
> return ''.join(chars)
>
> if __name__ == "__main__":
> chardict = {}
> for i in range(10000):
> ## w = gen_rand_word(10)
> w = gen_rand_string(10)
> count_chars(chardict, w)
> counts = list(chardict.items())
> counts.sort(key = operator.itemgetter(1), reverse = True)
> for char, count in counts:
> print char, count
>
>
> s 3966
> d 3912
> g 3909
> h 3905
> a 3901
> u 3900
> q 3891
> m 3888
> k 3884
> b 3878
> x 3875
> v 3867
> w 3864
> y 3851
> l 3825
> z 3821
> c 3819
> e 3819
> r 3816
> n 3808
> o 3797
> f 3795
> t 3784
> p 3765
> j 3730
> i 3704
>
> Better, although still not perfect.
>

I give you this:

I give you this:

import itertools
def gen():
valid_chars = 'abcdefghijklmnopqrstuvwxyz'
for char in itertools.repeat(valid_chars):
yield char

gen = gen()
def gen_rand_string(length):
chars = (next(gen) for i in range(length))
return ''.join(chars)

since it gives me a perfect distribution of letters, it must be a very
secure random password generation scheme.
First  |  Prev  |  Next  |  Last
Pages: 1 2 3 4 5 6 7 8 9 10 11
Prev: ANN: Leo 4.7 final released
Next: AKKA vs Python