On Sun, Jun 17, 2012 at 2:18 PM, Steven D'Aprano <steve+comp.lang.pyt...@pearwood.info> wrote: > Safe from what? What is your threat model? Are you worried about your > little sister reading your diary? Or the NSA discovering your plans to > assassinate the President? Or something in between? > > Python's random module is not cryptographically strong, which means that > it will probably take an organisation like the NSA, MI5, ASIO, Mossad, > etc. about 10 or 20 minutes to crack your password. But your little > sister will probably take a hundred million years to guess it.
Your little sister would quite possibly be kept off by rot13, which everyone knows isn't cryptographically secure. All it takes is making something look encrypted and most people won't bother to try (plus it's the whole "this isn't public kthx" thing, which many people will respect). Of course, if you're just trying to fool the BOFH's technical manager, it's even easier. http://bofh.ch/newbofh/bofh4oct.html ChrisA -- http://mail.python.org/mailman/listinfo/python-list