On Sun, Aug 10, 2014 at 7:22 PM, Steven D'Aprano <steve+comp.lang.pyt...@pearwood.info> wrote: > Devin Jeanpierre wrote: > >> On Sun, Aug 10, 2014 at 9:31 AM, Steven D'Aprano >> <steve+comp.lang.pyt...@pearwood.info> wrote: > >>> I don't think that using a good, but not cryptographically-strong, random >>> number generator to generate passwords is a serious vulnerability. What's >>> your threat model? >> >> I've always wanted a password generator that worked on the fly based >> off of a master password. If the passwords are generated randomly but >> not cryptographically securely so, then given sufficiently many >> passwords, the master password might be deduced. > > o_O > > So, what you're saying is that you're concerned that if an attacker has all > your passwords, they might be able to generate new passwords?
No, I meant what I said. I was pretty specific. -- Devin -- https://mail.python.org/mailman/listinfo/python-list