[Zope3-dev] SHA1Password manager, add a pinch of salt
Dmitry Vasiliev
dima at hlabs.spb.ru
Tue Apr 24 05:00:29 EDT 2007
Giovannetti, Mark wrote:
> Surely, welcoming obvious improvements that will save some
> other zope developer from re-implementing a secure /etc/passwd
> equivalent is desirable.
I agreed. I'll apply slightly modified version of the patch with
fixed-length salt if you don't object.
> Python 2.5 has hashlib which supports sha224, sha256 and so forth.
> I may look into adding support for those hashes to password
> when zope has been updated for 2.5.
I think in this case it will make sense to move the module into self
contained package for example zope.app.password or even zope.password.
--
Dmitry Vasiliev <dima at hlabs.spb.ru>
http://hlabs.spb.ru
More information about the Zope3-dev
mailing list