Rather than guess at the appropriate string length to get some level of security, I'd like to add a (minimum) bits of entropy argument to get_random_string, so I could say something like get_random_string(bits=256) and have it do the math for me: math.ceil(bits / math.log2(len(allowed_chars))).
Not sure what should happen if both bits and length are specified, let bits override? ValueError? whichever is longer/more random/secure (maybe then call it min_bits)? I seem to recycle that snippet in many of my projects, and I hope it would be useful for others. -- You received this message because you are subscribed to the Google Groups "Django developers (Contributions to Django itself)" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/django-developers. To view this discussion on the web visit https://groups.google.com/d/msgid/django-developers/bc93fd3e-4e8c-45e6-9ada-4fa595bf4479%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
