+1 On Sep 7, 2015 4:56 PM, "Shai Berger" <s...@platonix.com> wrote:
> On Monday 07 September 2015 20:09:06 Marc Tamlyn wrote: > > I agree with Aymeric and Markus that createsuperuser should not validate > > strength of passwords when DEBUG is on. Having to use a secure password > for > > development/test accounts is an unnecessary level of interference for > > users. > > > > I agree its safer to prevent using admin/admin in production and this is > a > > good thing, but there's no reason to prevent this for development. In > fact, > > I'd argue enforcing it for development will encourage teams to have a > > "standard" secure password for their sites, which is also used in > > production. By allowing admin/admin in development, and enforcing > something > > better in production we are more helpfully enforcing best practice. > > > +1. > > Shai. > -- You received this message because you are subscribed to the Google Groups "Django developers (Contributions to Django itself)" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-developers+unsubscr...@googlegroups.com. To post to this group, send email to django-developers@googlegroups.com. Visit this group at http://groups.google.com/group/django-developers. To view this discussion on the web visit https://groups.google.com/d/msgid/django-developers/CANJp-yiD3PYCWzMQOV8ixG%2BM0LXC7Oa2R7-jDCbkxr%2BfkUT%2B5g%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
