From owner-freebsd-questions@FreeBSD.ORG Tue Aug 4 16:39:42 2009 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C9974106567B for ; Tue, 4 Aug 2009 16:39:42 +0000 (UTC) (envelope-from rwmaillists@googlemail.com) Received: from mail-ew0-f206.google.com (mail-ew0-f206.google.com [209.85.219.206]) by mx1.freebsd.org (Postfix) with ESMTP id 52F3F8FC0C for ; Tue, 4 Aug 2009 16:39:42 +0000 (UTC) (envelope-from rwmaillists@googlemail.com) Received: by mail-ew0-f206.google.com with SMTP id 2so3821881ewy.43 for ; Tue, 04 Aug 2009 09:39:42 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=domainkey-signature:received:received:date:from:to:subject :message-id:in-reply-to:references:x-mailer:mime-version :content-type:content-transfer-encoding; bh=NnoAR3i6c8R1C60NKhPACJisVpnggF89IAD/XkdtOy0=; b=HGNFxc4CVp4/RhdZKSzS7fDHOtLu51n8c3F+j6oTl1ppZEvq/RhX9vcdqINQNqrZPG Iwhy9v4QEp/GNKL8++lDfYHUPDiG4wiFLdTiShd87RkRnv3lbFRbt8sI2BCe8GbjYRwG xeuq7+1ngpWnrOcUR81xAQ9lJhRDFmC/dff5c= DomainKey-Signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma; h=date:from:to:subject:message-id:in-reply-to:references:x-mailer :mime-version:content-type:content-transfer-encoding; b=tv/jeHk1K/hfBSXXqiYsYrOJNqu8xmd1K+bkZUNLOyE58CC85yeSIVCkAfMi3gyyqy +UCUdoG1HhtgIvRMZ4Cz1Ypux3VCmLN+iPAwPo3+BkgeIykuH9rHGVAfd8muZG1E65I7 ODuYyDmVBY6lBDo3C4oZfKbRSIvr8J6uH5pzA= Received: by 10.211.178.12 with SMTP id f12mr9120693ebp.83.1249403981942; Tue, 04 Aug 2009 09:39:41 -0700 (PDT) Received: from gumby.homeunix.com (bb-87-81-140-128.ukonline.co.uk [87.81.140.128]) by mx.google.com with ESMTPS id 7sm2434182eyb.7.2009.08.04.09.39.41 (version=SSLv3 cipher=RC4-MD5); Tue, 04 Aug 2009 09:39:41 -0700 (PDT) Date: Tue, 4 Aug 2009 17:39:39 +0100 From: RW To: freebsd-questions@freebsd.org Message-ID: <20090804173939.598a224f@gumby.homeunix.com> In-Reply-To: <200908032220.50964.mel.flynn+fbsd.questions@mailing.thruhere.net> References: <64c038660908031928v15a76d15g5599e6f3fef936e1@mail.gmail.com> <200908032220.50964.mel.flynn+fbsd.questions@mailing.thruhere.net> X-Mailer: Claws Mail 3.7.2 (GTK+ 2.16.5; i386-portbld-freebsd7.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Subject: Re: Secure password generation...blasphemy! X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 Aug 2009 16:39:43 -0000 On Mon, 3 Aug 2009 22:20:50 -0800 Mel Flynn wrote: > On Monday 03 August 2009 18:28:52 Modulok wrote: > > > I wrote a python script which uses /dev/random, and hashes the > > output with sha256. I then truncate the output to the desired > > length. Blasphemy! According to the superstitious password crowd my > > passwords are not very secure ... maybe. > > They aren't, because you reduce the random to a much less random, > *because* you are hashing. Not in FreeBSD, it's a 256bit PRNG and a 256 bit hash.