On Sun, 8 Aug 2010 09:32:02 am Richard D. Moores wrote: > On Sat, Aug 7, 2010 at 15:26, Alan Gauld <alan.ga...@btinternet.com> wrote: > > Python is telling you its bytes with the b at the front. > > The \x tells you they are hex values. > > > > (*)The fact its 5 is odd since you seem to pass 6 as an argument! > > When I try it I get 6 bytes back. > > Yes, the number of bytes seems to <= 6, or is it?:
No, it's 6. The underlying urandom generator *can* run out of entropy, but it will pause until there is enough entropy to generate sufficient random bytes rather than just supply too few bytes. In the worst case, where your computer has just started up (and hence has very little entropy), hasn't yet given you a GUI (and hence can't gather more entropy from mouse and keyboard events), and you've just asked for a wacking great pile of random bytes, urandom can lock up for *ages* waiting for more entropy so it can meet your request. > >>> os.urandom(6) > b'\xf1\x1c\x15\x83\x14\x0e' Six bytes, each written in hex format \xNN. > And what's with the l in b'l\xbb\xae\xb7\x0ft' ? It's just a byte that happens to match the character "l" and therefore is printed as "l" instead of \x6c. > I apologize to all for not explaining what I'm trying to accomplish. > I just ran across os.urandom() and am trying to understand it. I have > a script that I use to create passwords for my various website > accounts, <http://tutoree7.pastebin.com/31AisCq1>, but wondered if > website-permitted, but stronger passwords could be generated with the > use of os.urandom(). At this point, I think not. Extreme randomness of passwords is not actually a good thing. Generally people want to remember their passwords, in which case you want passwords which are random enough to be hard for others to guess while non-random enough for the owner to remember them. -- Steven D'Aprano _______________________________________________ Tutor maillist - Tutor@python.org To unsubscribe or change subscription options: http://mail.python.org/mailman/listinfo/tutor
