#33758: make_random_password does not comply with AUTH_PASSWORD_VALIDATORS
-------------------------------+--------------------------------------
Reporter: Javier Torres | Owner: Sosshi
Type: Uncategorized | Status: assigned
Component: Uncategorized | Version: 4.0
Severity: Normal | Resolution:
Keywords: | Triage Stage: Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------+--------------------------------------
Comment (by Carlton Gibson):
Hi. Erm... I'm not sure what to say here.
> The usage of ... is limited ...
Yes, it is. `make_random_password()` is essentially not used as tall in
the Django codebase.
An 11 year old comment from Russell says why:
> The only reason I can think of to generate a random password would be to
send it in cleartext. To which, the answer is a definitive No. Not ever.
https://code.djangoproject.com/ticket/15639#comment:2
I think we should probably deprecate and remove this method, rather than
try and make it more complex 🤔
--
Ticket URL: <https://code.djangoproject.com/ticket/33758#comment:2>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-updates/01070181233456fc-fd79c9bc-29c3-4a44-a44f-15bfa1adb885-000000%40eu-central-1.amazonses.com.
