Weak salts for auth backend

[ninjaneo]

salt = get_hexdigest(algo, str(random.random()), str(random.random()))[:5]

Does not provide enough entropy, as its solely numeric, and always begins with: '0.'
That means it only increases complexity by 3 numbers. 10*10*10 = 1000 possibilities.
Noticed there is also no iterative hashing performed (rounds), which is crucial part of salting.

Perhaps use os.urandom?

[Paul McMillan]

This has been discussed before. I'm not sure where you're getting "solely numeric" and "always starts with 0", but you might look at #15367, #5600, and #13969 for discussions of the length.

Closing as a dupe, most particularly of #13969.

[anonymous]

Was refering to the use of str(random.random())[:5] sample output:

str(random.random())[:5]

'0.545'
'0.895'
etc.

[Paul McMillan]

Read the code again. Maybe try it in a Python interpreter. The function takes two long random inputs, hashes them, and only then truncates the resulting hash. The hash is truncated, not the random number. So you're really looking at 16⁵ = 1048576 possibilities. I agree that it's still too short, but it's not at all as bad as you make it out to be.

When you report issues like this, please take the time to verify that the code actually works the way you think it does. It makes it a lot easier for everyone if the bug report doesn't contain misleading information.

Also, for the record, iterative hashing is an issue which is completely orthogonal to salting. They both contribute to security, but in different ways. Iterative hashing is related to algorithm choice. Salting is designed to prevent pre-computed dictionary attacks.