X-Git-Url: https://mudpy.org/gitweb?a=blobdiff_plain;f=lib%2Fmudpy%2Fpassword.py;h=38bfa8285a6dc7b1a4ac61466084e336060a9cf1;hb=8d156d1340426a68348159ff3d509856e517c125;hp=29fc5d99894ca70b2897757581519fc24fcbc148;hpb=81da060528fd3b29ddec4b7f4c09fc99ad24b18a;p=mudpy.git diff --git a/lib/mudpy/password.py b/lib/mudpy/password.py index 29fc5d9..38bfa82 100644 --- a/lib/mudpy/password.py +++ b/lib/mudpy/password.py @@ -101,20 +101,21 @@ def create( separator character used to identify subsequent fields. The fields in order are: - 1. the decimal index number indicating which algorithm was used, also - mapped as convenience constants at the beginning of this module + 1. the decimal index number indicating which algorithm was used, + also mapped as convenience constants at the beginning of this + module - 2. the number of times (as an exponent of 2) which the algorithm was - iterated, represented by a decimal value between 0 and 16 - inclusive (0 results in one round, 16 results in 65536 rounds, and - anything higher than that is a potential resource consumption - denial of service on the application anyway) + 2. the number of times (as an exponent of 2) which the algorithm + was iterated, represented by a decimal value between 0 and 16 + inclusive (0 results in one round, 16 results in 65536 rounds, + and anything higher than that is a potential resource + consumption denial of service on the application anyway) - 3. the plain-text salt with which the password was prepended before - hashing + 3. the plain-text salt with which the password was prepended + before hashing - 4. the resulting password hash itself, base64-encoded using . and / - as the two non-alpha-numeric characters required to reach 64 + 4. the resulting password hash itself, base64-encoded using . and + / as the two non-alpha-numeric characters required to reach 64 The defaults provided should be safe for everyday use, but something more heavy-duty may be in order for admin users, such as::