id summary reporter owner description type status component version severity resolution keywords cc stage has_patch needs_docs needs_tests needs_better_patch easy ui_ux 9687 Use more randomness in secret key generation paulway@… nobody "The generation of the SECRET_KEY setting for a new site uses an artificially low number of characters due to a design accident. As far as I can see, SECRET_KEY is not used in a way which would make it case-sensitive or require it to be read out, but instead is used in MD5 hashes where more randomness is preferred. The supplied patch not only adds more characters to be selected from but also makes an unreadable one-liner into a readable two-liner." closed Core (Other) 1.0 wontfix SECRET_KEY random Unreviewed 0 0 0 0 0 0