Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
C
cpython
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Kirill Smelkov
cpython
Commits
151f5d59
Commit
151f5d59
authored
Apr 17, 2016
by
Steven D'Aprano
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Fix a few minor typos to secrets documentation.
parent
528619b6
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
9 additions
and
10 deletions
+9
-10
Doc/library/secrets.rst
Doc/library/secrets.rst
+9
-10
No files found.
Doc/library/secrets.rst
View file @
151f5d59
...
...
@@ -88,7 +88,7 @@ hard-to-guess URLs, and similar.
.. function:: token_urlsafe([nbytes=None])
Return a random URL-safe text string, containing *nbytes* random
bytes. The text is Base64 encoded, so on average
,
each byte results
bytes. The text is Base64 encoded, so on average each byte results
in approximately 1.3 characters. If *nbytes* is ``None`` or not
supplied, a reasonable default is used.
...
...
@@ -106,7 +106,7 @@ To be secure against
tokens need to have sufficient randomness. Unfortunately, what is
considered sufficient will necessarily increase as computers get more
powerful and able to make more guesses in a shorter period. As of 2015,
it is believed that
64 bytes (512
bits) of randomness is sufficient for
it is believed that
32 bytes (256
bits) of randomness is sufficient for
the typical use-case expected for the :mod:`secrets` module.
For those who want to manage their own token length, you can explicitly
...
...
@@ -129,8 +129,8 @@ Other functions
.. function:: compare_digest(a, b)
Return ``True`` if strings *a* and *b* are equal, otherwise ``False``,
in such a way as to red
i
ce the risk of
`timing attacks <http://codahale.com/a-lesson-in-timing-attacks/>`_
.
in such a way as to red
u
ce the risk of
`timing attacks <http://codahale.com/a-lesson-in-timing-attacks/>`_.
See :func:`hmac.compare_digest` for additional details.
...
...
@@ -151,11 +151,10 @@ Generate an eight-character alphanumeric password:
.. note::
Applications should
`not store passwords in a recoverable format <http://cwe.mitre.org/data/definitions/257.html>`_ ,
whether plain text or encrypted. They should always be salted and
hashed using a cryptographically-strong one-way (irreversible) hash
function.
Applications should not
`store passwords in a recoverable format <http://cwe.mitre.org/data/definitions/257.html>`_,
whether plain text or encrypted. They should be salted and hashed
using a cryptographically-strong one-way (irreversible) hash function.
Generate a ten-character alphanumeric password with at least one
...
...
@@ -174,7 +173,7 @@ three digits:
break
Generate an `XKCD-style passphrase <http://xkcd.com/936/>`_
:
Generate an `XKCD-style passphrase <http://xkcd.com/936/>`_:
.. testcode::
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
