Date: Tue, 4 Aug 2009 17:39:39 +0100 From: RW <rwmaillists@googlemail.com> To: freebsd-questions@freebsd.org Subject: Re: Secure password generation...blasphemy! Message-ID: <20090804173939.598a224f@gumby.homeunix.com> In-Reply-To: <200908032220.50964.mel.flynn%2Bfbsd.questions@mailing.thruhere.net> References: <64c038660908031928v15a76d15g5599e6f3fef936e1@mail.gmail.com> <200908032220.50964.mel.flynn%2Bfbsd.questions@mailing.thruhere.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 3 Aug 2009 22:20:50 -0800 Mel Flynn <mel.flynn+fbsd.questions@mailing.thruhere.net> wrote: > On Monday 03 August 2009 18:28:52 Modulok wrote: > > > I wrote a python script which uses /dev/random, and hashes the > > output with sha256. I then truncate the output to the desired > > length. Blasphemy! According to the superstitious password crowd my > > passwords are not very secure ... maybe. > > They aren't, because you reduce the random to a much less random, > *because* you are hashing. Not in FreeBSD, it's a 256bit PRNG and a 256 bit hash.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090804173939.598a224f>