Commit 151f5d59 authored by Steven D'Aprano

Fix a few minor typos to secrets documentation.

parent 528619b6
...@@ -88,7 +88,7 @@ hard-to-guess URLs, and similar. ...@@ -88,7 +88,7 @@ hard-to-guess URLs, and similar.
.. function:: token_urlsafe([nbytes=None]) .. function:: token_urlsafe([nbytes=None])
Return a random URL-safe text string, containing *nbytes* random Return a random URL-safe text string, containing *nbytes* random
bytes. The text is Base64 encoded, so on average, each byte results bytes. The text is Base64 encoded, so on average each byte results
in approximately 1.3 characters. If *nbytes* is ``None`` or not in approximately 1.3 characters. If *nbytes* is ``None`` or not
supplied, a reasonable default is used. supplied, a reasonable default is used.
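Review bot: The last sentence of the token_urlsafe entry still says only that "a reasonable default is used" when *nbytes* is ``None``, with no value and no pointer to where the default is discussed. Since this hunk already touches the paragraph, consider linking to the section on how many bytes tokens should use, so that readers relying on the default can tell how much randomness they get.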
...@@ -106,7 +106,7 @@ To be secure against ...@@ -106,7 +106,7 @@ To be secure against
tokens need to have sufficient randomness. Unfortunately, what is tokens need to have sufficient randomness. Unfortunately, what is
considered sufficient will necessarily increase as computers get more considered sufficient will necessarily increase as computers get more
powerful and able to make more guesses in a shorter period. As of 2015, powerful and able to make more guesses in a shorter period. As of 2015,
it is believed that 64 bytes (512 bits) of randomness is sufficient for it is believed that 32 bytes (256 bits) of randomness is sufficient for
the typical use-case expected for the :mod:`secrets` module. the typical use-case expected for the :mod:`secrets` module.
For those who want to manage their own token length, you can explicitly For those who want to manage their own token length, you can explicitly
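Review bot: The change from "64 bytes (512 bits)" to "32 bytes (256 bits)" halves the stated randomness recommendation, which is a content change and not one of the typos the commit message describes. Call it out in the commit message or split it into its own commit, and confirm that the figure agrees with the default the token functions actually use, so the documented "sufficient" size and the behaviour do not drift apart.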
...@@ -129,8 +129,8 @@ Other functions ...@@ -129,8 +129,8 @@ Other functions
.. function:: compare_digest(a, b) .. function:: compare_digest(a, b)
Return ``True`` if strings *a* and *b* are equal, otherwise ``False``, Return ``True`` if strings *a* and *b* are equal, otherwise ``False``,
in such a way as to redice the risk of in such a way as to reduce the risk of
`timing attacks <http://codahale.com/a-lesson-in-timing-attacks/>`_ . `timing attacks <http://codahale.com/a-lesson-in-timing-attacks/>`_.
See :func:`hmac.compare_digest` for additional details. See :func:`hmac.compare_digest` for additional details.
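Review bot: The compare_digest description says "strings *a* and *b*" and leaves the accepted types to the :func:`hmac.compare_digest` cross-reference. State here whether bytes are accepted as well, since callers comparing tokens or digests often hold bytes and should not have to follow the link to find out. The timing-attack link also uses plain http; switch it to https if the target supports it.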
...@@ -151,11 +151,10 @@ Generate an eight-character alphanumeric password: ...@@ -151,11 +151,10 @@ Generate an eight-character alphanumeric password:
.. note:: .. note::
Applications should Applications should not
`not store passwords in a recoverable format <http://cwe.mitre.org/data/definitions/257.html>`_ , `store passwords in a recoverable format <http://cwe.mitre.org/data/definitions/257.html>`_,
whether plain text or encrypted. They should always be salted and whether plain text or encrypted. They should be salted and hashed
hashed using a cryptographically-strong one-way (irreversible) hash using a cryptographically-strong one-way (irreversible) hash function.
function.
Generate a ten-character alphanumeric password with at least one Generate a ten-character alphanumeric password with at least one
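Review bot: In the rewritten note, "They should always be salted and hashed" becomes "They should be salted and hashed", which softens the guidance and goes beyond a typo fix. Keep "always" unless the weaker wording is intended, and mention the wording change in the commit message if it is.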
...@@ -174,7 +173,7 @@ three digits: ...@@ -174,7 +173,7 @@ three digits:
break break
Generate an `XKCD-style passphrase <http://xkcd.com/936/>`_ : Generate an `XKCD-style passphrase <http://xkcd.com/936/>`_:
.. testcode:: .. testcode::
......