On Monday, September 7, 2015 at 7:30:58 PM UTC+2, Unai Zalakain wrote: > > Some other related questions also come to my mind: What exactly are we > considering a secure password?
Whatever we consider "secure" at this point. > Why not leave the validator list empty by > default and document the feature on the security checklist, with the > rest of deployment-related features that aren't on by default? > Cause noone reads docs and this is not really deployment related imo. Don't take me wrong, I *do* think this is a great feature, but it should > be the developers choice to turn it on. > When it comes to security I rather have devs turn it off, in the end this will provide a safer behavior… -- You received this message because you are subscribed to the Google Groups "Django developers (Contributions to Django itself)" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/django-developers. To view this discussion on the web visit https://groups.google.com/d/msgid/django-developers/3b8aafb1-bb16-4b00-b1f8-1414577e4c42%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
