#33758: make_random_password does not comply with AUTH_PASSWORD_VALIDATORS
-------------------------------+--------------------------------------
Reporter: Javier Torres | Owner: Sosshi
Type: Uncategorized | Status: assigned
Component: Uncategorized | Version: 4.0
Severity: Normal | Resolution:
Keywords: | Triage Stage: Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------+--------------------------------------
Comment (by Carlton Gibson):
Hi. Erm... I'm not sure what to say here.
> The usage of ... is limited ...
Yes, it is. `make_random_password()` is essentially not used as tall in
the Django codebase.
An 11 year old comment from Russell says why:
> The only reason I can think of to generate a random password would be to
send it in cleartext. To which, the answer is a definitive No. Not ever.
https://code.djangoproject.com/ticket/15639#comment:2
I think we should probably deprecate and remove this method, rather than
try and make it more complex 🤔
--
Ticket URL: <https://code.djangoproject.com/ticket/33758#comment:2>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to django-updates+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-updates/01070181233456fc-fd79c9bc-29c3-4a44-a44f-15bfa1adb885-000000%40eu-central-1.amazonses.com.
