Opened 7 years ago

Closed 7 years ago

Last modified 4 years ago

#9101 closed (wontfix)

Improved salt generation for django.contrib.auth

Reported by: toxik
Owned by: nobody
Component: contrib.auth
Version: master
Severity:
Keywords:
Cc:
Triage Stage: Accepted
Has patch: yes
Needs documentation: no
Needs tests: no
Patch needs improvement: no
Easy pickings:
UI/UX:

Currently, the salts generated by the auth framework are pretty weak.

This patch changes the behavior from doing a SHA1 hash of digits to choosing five random characters from the lower- and upper-case alphabet, as well as any digit ([a-zA-Z0-9]).

See the django-dev this:

Attachments (2)

django-salts.diff (859 bytes) - added by toxik 7 years ago.
9101.diff (1014 bytes) - added by mboersma 7 years ago.
Updated patch to use string.punctuation as well


Change History (9)

Changed 7 years ago by toxik

comment:1 Changed 7 years ago by jacob

  • milestone set to 1.1
  • Needs documentation unset
  • Needs tests unset
  • Patch needs improvement unset
  • Triage Stage changed from Unreviewed to Accepted

comment:2 Changed 7 years ago by anonymous

You can also add string.punctuation to the SALT_CHARS soup.

Changed 7 years ago by mboersma

Updated patch to use string.punctuation as well

comment:3 Changed 7 years ago by mboersma

Tested on SQLite, Postgres, and Oracle.

comment:4 Changed 7 years ago by toxik

Regarding the latest patch, why import the name each time the function is run? I mean, no, it's probably not going to be noticeable WRT the function's purpose, but I'm curious.

comment:5 Changed 7 years ago by mboersma

I was just following the example of the existing code, which imported the module inside the function. Elsewhere in the same module there's a similar import of random within another function, so I assumed there was some benefit to delaying the import until it's needed, since Django does this in many places.

I personally don't do late imports, but this style seemed to fit the module better. But really, it probably doesn't matter either way.

comment:6 Changed 7 years ago by jacob

  • Resolution set to wontfix
  • Status changed from new to closed

This really isn't a change with any value; salt doesn't need to be particularly cryptographically strong as long as it's random enough; the point is to exponentially increase the search space for password crackers. The current code is fine.
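
As an added illustration of the search-space argument above and of the two salt schemes the ticket describes (example code, not from the ticket's patches or from Django itself): each scheme's salt generator, the number of distinct salts it can produce, and the algo$salt$hash storage layout. It assumes SHA1 over salt + password as the hashing step and uses the secrets module where the patch used random; the function and constant names are this example's own.

```python
import hashlib
import math
import secrets
import string

# Salt alphabets discussed in the ticket (names are this example's own).
# HEX models the old behaviour as the ticket describes it: five characters
# taken from a SHA1 hex digest, so only 16 possible symbols per position.
# ALNUM is the [a-zA-Z0-9] alphabet of the first patch; ALNUM_PUNCT adds
# string.punctuation as in the second patch.
HEX = string.hexdigits[:16]                  # '0123456789abcdef'
ALNUM = string.ascii_letters + string.digits  # 62 symbols
ALNUM_PUNCT = ALNUM + string.punctuation      # 62 + 32 = 94 symbols
SALT_LEN = 5


def salt_from_hexdigest(salt_len=SALT_LEN):
    """Old scheme: SHA1 some random digits and keep the first salt_len hex chars."""
    digits = str(secrets.randbelow(10 ** 12))  # random digits; secrets, not random
    return hashlib.sha1(digits.encode()).hexdigest()[:salt_len]


def salt_from_alphabet(alphabet, salt_len=SALT_LEN):
    """Patched scheme: salt_len characters drawn uniformly from `alphabet`.
    secrets.choice is a CSPRNG; the ticket's patch drew from the random module."""
    return "".join(secrets.choice(alphabet) for _ in range(salt_len))


def salt_space_bits(alphabet_size, salt_len=SALT_LEN):
    """log2 of the number of distinct salts: how many times a precomputed
    password table must be replicated to cover every salt value."""
    return math.log2(alphabet_size ** salt_len)


def make_password(raw_password, salt):
    """Encode as 'algo$salt$hash' (assumed: the layout Django's auth used then)."""
    digest = hashlib.sha1((salt + raw_password).encode()).hexdigest()
    return "sha1$%s$%s" % (salt, digest)


def check_password(raw_password, encoded):
    """Re-derive with the stored salt and compare in constant time."""
    algo, salt, _ = encoded.split("$")
    return algo == "sha1" and secrets.compare_digest(
        make_password(raw_password, salt), encoded)
```

With five characters, the hex scheme yields about 2^20 distinct salts, the [a-zA-Z0-9] scheme about 2^30, and the punctuation-extended one about 2^33; the salt is stored in the clear, so this only multiplies a precomputation attack's work by the salt-space size, which is the point comment 6 makes.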

comment:7 Changed 4 years ago by jacob

  • milestone 1.1 deleted

Milestone 1.1 deleted
