This may only be tangentially related to Python, but since I am coding a password authentication system in Python, I thought I would ask here.
In Linux (and presumably other *NIX systems that support it), when shadow passwords are enabled, the actual password is not stored. Instead an encrypted version is stored. Then, to authenticate the password, the system re-encrypts the user's input to see if it matches the stored, encrypted version. Presumably, this is done using the crypt() system call (and, fortunuately, Python has a builtin crypt module!). Presumably, as well, this is at least somewhat secure, assuming a source of cryptographic randomness to use to choose the salt. Are SHA1 and MD5 suitable for this sort of thing as well, or would I need to move to something more "industrial strength" from, say, the pyCrypto module if I wanted to avoid a dependency on the crypt module? -- http://mail.python.org/mailman/listinfo/python-list