Re: A more useful list of common passwords?

[Kelly]

Hello!

I am Kelly, a member of the group working on ticket #29274. We really 
appreciate your help thus far!

We have successfully replaced the list of passwords and ran the unit tests 
with ./runtests.py.

When looking at the CommonPasswordValidatorTest(TestCase) class found 
in 
https://github.com/django/django/blob/2cb6b7732dc7b172797cebb1e8f19be2de89e264/tests/auth_tests/test_validators.py,
 
we noticed that only a few strings are being tested, namely 'godzilla' and 
'a-safe-password'.

As we make our pull request, we were wondering if we should include more 
specific units tests to test the validator.

Cheers,

Kelly

On Tuesday, April 10, 2018 at 5:59:20 PM UTC-4, Brenton Cleeland wrote:
>
> Hi Jessica (& team!),
>
> My immediate thought is that those rows are errors. They should be ignored 
> and not included in any list added to Django :)
>
> On 11 April 2018 at 02:13, Jessica F > wrote:
>
>> Hello! I'm Jessica, the assignee to this ticket. I am speaking on behalf 
>> of a group of newbies contributing to open source projects.
>> I was looking at the list of 20k passwords by Royce Williams, and there 
>> were 40 that were something like "$HEX[d0bfd197d5]". When I parsed them, 
>> nothing legible came out of it. I was wondering if this was an error on the 
>> list or was it intentional?
>>
>> -- 
>> You received this message because you are subscribed to a topic in the 
>> Google Groups "Django developers (Contributions to Django itself)" group.
>> To unsubscribe from this topic, visit 
>> https://groups.google.com/d/topic/django-developers/oMWLVK5kTpI/unsubscribe
>> .
>> To unsubscribe from this group and all its topics, send an email to 
>> django-develop...@googlegroups.com .
>> To post to this group, send email to django-d...@googlegroups.com 
>> .
>> Visit this group at https://groups.google.com/group/django-developers.
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/django-developers/a8043ddf-5147-44ba-b34a-85cb1596b7b8%40googlegroups.com
>>  
>> 
>> .
>>
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>
>
> -- 
> Cheers,
> Brenton
>
> https://brntn.me // @sesh 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django developers  (Contributions to Django itself)" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-developers+unsubscr...@googlegroups.com.
To post to this group, send email to django-developers@googlegroups.com.
Visit this group at https://groups.google.com/group/django-developers.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-developers/85293a9c-408d-4bd8-ab8e-2b7304c4441e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: A more useful list of common passwords?

[James Bennett]

One approach you might try is on every test run, randomly select some lines
from the list of common passwords and verify they fail the validator. That
way we know it's not just testing a single, fixed, contrived case.

-- 
You received this message because you are subscribed to the Google Groups 
"Django developers  (Contributions to Django itself)" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-developers+unsubscr...@googlegroups.com.
To post to this group, send email to django-developers@googlegroups.com.
Visit this group at https://groups.google.com/group/django-developers.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-developers/CAL13Cg8v%2Bojm0iB1PBLMU8zvDnQt%3DwunTerAH_fQje%3DU97E2fA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.