On Sat, Dec 24, 2016 at 6:18 PM, Paul Rubin wrote:
> Chris Angelico writes:
>> Solution: Don't use dictionary-attackable passwords.
>
> If you allow people to choose their own passwords, they'll too-often
> pick dictionary-attackable ones; or even if they choose difficult ones,
> they'll use them
Chris Angelico writes:
> Solution: Don't use dictionary-attackable passwords.
If you allow people to choose their own passwords, they'll too-often
pick dictionary-attackable ones; or even if they choose difficult ones,
they'll use them in more than one place, and eventually the weakest of
those
On 2016-12-24 01:17, Charles Hixson wrote:
On 12/23/2016 01:56 PM, Charles Hixson wrote:
I was looking to avoid using a upd connection to transfer messages
between processes, so I thought I'd use multiprocessing (which I
expect would be faster), but...I sure would appreciate an explanation
of
On Sat, Dec 24, 2016 at 12:32 PM, Steve D'Aprano
wrote:
> not to mention the abomination of "one factor authentication, twice", like
> that used by the Australian government unified web portal. To log in, you
> have to provide something you know (username and password), plus something
> else you k
On Sat, 24 Dec 2016 11:20 am, Paul Rubin wrote:
> What is it that you are trying to secure? If it's something important,
> set up 2-factor authentication (such as TOTP) and encourage your users
> to use it.
You say that as if two-factor auth was a panacea.
That's the sort of thinking that lead
On Sat, Dec 24, 2016 at 11:20 AM, Paul Rubin wrote:
> The basic problem is those functions are fast enough to make dictionary
> attacks feasible. The preferred password hashing function these days is
> Argon2, which has some tunable security parameters:
Solution: Don't use dictionary-attackable
On 12/23/2016 01:56 PM, Charles Hixson wrote:
I was looking to avoid using a upd connection to transfer messages
between processes, so I thought I'd use multiprocessing (which I
expect would be faster), but...I sure would appreciate an explanation
of this problem.
When I run the code (below
> "Salted hashing (or just hashing) with BLAKE2 or any other
> general-purpose cryptographic hash function, such as SHA-256, is not
> suitable for hashing passwords. See BLAKE2 FAQ for more information."
>
> I propose to ignore this warning. I feel that, for my purposes, the
> above procedure is ad
Val Krem via Python-list wrote:
> Here is the first few lines of the data
>
>
> s1.csv
> size,w1,h1
> 512,214,26
> 123,250,34
> 234,124,25
> 334,213,43
Did you put these lines here using copy and paste? The fix below depends on
the assumption that your data is more like
size, w1, h1
512, 214,
On 2016-12-23 21:56, Charles Hixson wrote:
I was looking to avoid using a upd connection to transfer messages
between processes, so I thought I'd use multiprocessing (which I expect
would be faster), but...I sure would appreciate an explanation of this
problem.
When I run the code (below) instea
I'm trying to build Python 3.6 on Centos 6, and am successful in doing so,
except for the sqlite3 library. I started with a brand new install of Centos 6
and installed devtoolset-2 to build with a newer compiler. But whether with
default compiler or 4.82, I get the following errors when building
Here is the first few lines of the data
s1.csv
size,w1,h1
512,214,26
123,250,34
234,124,25
334,213,43
and the script
a=pd.read_csv("s1.csv", skipinitialspace=True).keys()
print(a)
i see the following
Index(['size', 'w1', 'h1'], dtype='object')
when I wanted to add the two columns;
I was looking to avoid using a upd connection to transfer messages
between processes, so I thought I'd use multiprocessing (which I expect
would be faster), but...I sure would appreciate an explanation of this
problem.
When I run the code (below) instead of messages receiving messages from
th
Val Krem via Python-list wrote:
> Hi all,
>
> #!/usr/bin/env python
> import sys
> import csv
> import numpy as np
> import pandas as pd
>
> a= pd.read_csv("s1.csv")
> print(a)
>
> size w1 h1
> 0 512 214 26
> 1 123 250 34
> 2 234 124 25
> 3 334 213 43
> 4 a45 223 3
On Sat, Dec 24, 2016 at 7:39 AM, Val Krem via Python-list
wrote:
> a= pd.read_csv("s1.csv")
> File "pandas/src/hashtable_class_helper.pxi", line 740, in
> pandas.hashtable.PyObjectHashTable.get_item (pandas/hashtable.c:13107)
> KeyError: 'w1'
>
> Can someone help me what the problem is?
Can you
On Sat, Dec 24, 2016 at 6:51 AM, wrote:
> On Thursday, December 22, 2016 at 5:57:42 PM UTC-8, Chris Angelico wrote:
>> On Fri, Dec 23, 2016 at 12:54 PM, wrote:
>> > Wouldn't most users prefer that modern time zones be the default
>> > information returned by pytz, instead of 150 year-old histo
Hi all,
#!/usr/bin/env python
import sys
import csv
import numpy as np
import pandas as pd
a= pd.read_csv("s1.csv")
print(a)
size w1 h1
0 512 214 26
1 123 250 34
2 234 124 25
3 334 213 43
4 a45 223 32
5 a12 214 26
I wanted to create a new column by adding the t
> I did mess around with pytz a bit but I was getting a lot of
> exceptions - something related to the TZ already being set or
> something like that. I don't recall exactly, and I can't scroll back
> far enough to find it.
Yes, if the tzinfo attribute has already been set, you will get errors from
On Thursday, December 22, 2016 at 5:57:42 PM UTC-8, Chris Angelico wrote:
> On Fri, Dec 23, 2016 at 12:54 PM, wrote:
> > Wouldn't most users prefer that modern time zones be the default
> > information returned by pytz, instead of 150 year-old historical time zones?
>
> They're the *same* time
On Fri, Dec 23, 2016 at 2:27 PM, Skip Montanaro
wrote:
>> I need to compare these datetimes, and if I do that I get the dreaded
>> "can't compare offset-naive and offset-aware datetimes" error.
>
> If you're sure the naive datetimes are UTC, this should work:
>
> import pytz
>
> dt = pytz.utc.loca
On Fri, Dec 23, 2016 at 2:18 PM, Chris Angelico wrote:
> On Sat, Dec 24, 2016 at 3:30 AM, Larry Martell
> wrote:
>> I have a datetime that looks like this: '2016-11-11T18:10:09-05:00'
>> and when I pass it to dateutil.parser.parse I get back this:
>>
>> datetime.datetime(2016, 11, 11, 18, 10, 9,
W dniu 23.12.2016 o 15:14, Ian Kelly pisze:
(...)
cls.added_in_init = 'test'
Man, you are awsome genius! Finally somebody was able to explain me what
is the power of __new__ and difference between __init__ !!!
So what I wanted to achieve was adding some new attributes to the class
ins
Okay, problem solved. My thanks to Chris Barker over on the Anaconda group
for help. (I originally thought there might be something amiss with the
pytz package in Anaconda, as our older non-Anaconda Python seemed not to
have the problem.) It turns out to be a problem I solved several years ago
at m
> I need to compare these datetimes, and if I do that I get the dreaded
> "can't compare offset-naive and offset-aware datetimes" error.
If you're sure the naive datetimes are UTC, this should work:
import pytz
dt = pytz.utc.localize(dateutil.parser.parse('2016-04-27T00:00:00'))
You can then co
On Sat, Dec 24, 2016 at 3:58 AM, Steve D'Aprano
wrote:
> By the way, thanks for raising this interesting question! This is exactly
> the sort of thing that the secrets module is supposed to make a "no
> brainer", so I expect that it will get a password hash function.
+1. Please can we see somethi
On Sat, Dec 24, 2016 at 3:30 AM, Larry Martell wrote:
> I have a datetime that looks like this: '2016-11-11T18:10:09-05:00'
> and when I pass it to dateutil.parser.parse I get back this:
>
> datetime.datetime(2016, 11, 11, 18, 10, 9, tzinfo=tzoffset(None, -18000))
>
> And I have other datetimes li
On Fri, 23 Dec 2016 10:08 pm, Frank Millman wrote:
> "Steve D'Aprano" wrote in message
> news:585d009f$0$1599$c3e8da3$54964...@news.astraweb.com...
>>
>> On Fri, 23 Dec 2016 09:19 pm, Frank Millman wrote:
>>
>> >
>> > 3. Generate the password from the string supplied by the user as
>> > follows -
I have a datetime that looks like this: '2016-11-11T18:10:09-05:00'
and when I pass it to dateutil.parser.parse I get back this:
datetime.datetime(2016, 11, 11, 18, 10, 9, tzinfo=tzoffset(None, -18000))
And I have other datetimes like this: '2016-04-27T00:00:00', which
went passed to dateutil.par
On Fri, Dec 23, 2016 at 5:14 AM, Mr. Wrobel wrote:
> Hi,thanx for answers, let's imagine that we want to add one class attribute
> for newly created classess with using __init__ in metaclass, here's an
> example:
>
> #!/usr/bin/env python
>
> class MetaClass(type):
> # __init__ manipulation:
>
"Chris Angelico" wrote in message
news:captjjmpppgm+_ut_amtnb7vgo0vrgptu6iagyjqwvpxg5yp...@mail.gmail.com...
On Fri, Dec 23, 2016 at 9:19 PM, Frank Millman wrote:
> 3. Generate the password from the string supplied by the user as
> follows -
>from hashlib import blake2b
>password =
"Frank Millman" writes:
> ... Here are my thoughts on improving this.
>
> 1. Generate a 'salt' for each password. There seem to be two ways in
> the standard library to do this -
>import os
>salt = os.urandom(16)
>
>import secrets
>salt = secrets.token_bytes(16)
>
>My guess is
Thank you for your email. Your web change 58158[RELEASE] Python 3.6.0 is
released!request has been received and will be dealt with shortly.
This service desk only covers minor changes to the legacy NHS Digital website
(content.digital.nhs.uk) that are made on a web request form.
For changes rel
i have installed 3.5.2 version of python my system windows 8.1 64 bit.
after successful installation it is not executing python.exe file.whenever
i try a dialof box pop up with an error message "python has stopped
working". i hav tried reinstalling it several times.please help
--
https://mail.pyth
Hi, everyone
I'm building a http long polling client for our company's discovery service
and something weird happened in the following code:
```python
while True:
try:
r = requests.get("url", stream=True, timeout=3)
for data in r.iter_lines():
processing_data...
On 23/12/2016 10:34, Ned Deily wrote:
On behalf of the Python development community and the Python 3.6 release
team, I am pleased to announce the availability of Python 3.6.0. Python
3.6.0 is the newest major release of the Python language, and it contains
many new features and optimizations. S
On Fri, Dec 23, 2016 at 9:19 PM, Frank Millman wrote:
> At present I just store a SHA-1 hash of the password for each user. Here are
> my thoughts on improving this.
>
> 1. Generate a 'salt' for each password. There seem to be two ways in the
> standard library to do this -
>import os
>sal
W dniu 21.12.2016 o 02:51, Ethan Furman pisze:
On 12/20/2016 03:39 PM, Ben Finney wrote:
"Mr. Wrobel" writes:
Quick question, can anybody tell me when to use __init__ instead of
__new__ in meta programming?
Use ‘__new__’ to do the work of *creating* one instance from nothing;
allocating the
"Steve D'Aprano" wrote in message
news:585d009f$0$1599$c3e8da3$54964...@news.astraweb.com...
On Fri, 23 Dec 2016 09:19 pm, Frank Millman wrote:
>
> 3. Generate the password from the string supplied by the user as
> follows -
> from hashlib import blake2b
> password = blake2b('my_pass
On Fri, 23 Dec 2016 09:19 pm, Frank Millman wrote:
[...]
> Having read the previous thread and various links, I want to review the
> way I handle passwords in my accounting application.
>
> At present I just store a SHA-1 hash of the password for each user. Here
> are my thoughts on improving thi
On behalf of the Python development community and the Python 3.6 release
team, I am pleased to announce the availability of Python 3.6.0. Python
3.6.0 is the newest major release of the Python language, and it contains
many new features and optimizations. See the "What’s New In Python 3.6"
docume
Hi all
This is a follow-up to my recent 'security question' post.
I am starting a new thread, for 2 reasons -
1) I sent a link to the previous thread to my ISP for their information. It
is up to them whether they do anything with it, but I wanted to keep that
thread focused on the original is
On Thu, 22 Dec 2016 09:10 pm, Frank Millman wrote:
> If this is the standard of security out there, it is no wonder we hear of
> so many attacks (and how many don't we hear of?)
Everything is broken:
https://medium.com/message/everything-is-broken-81e5f33a24e1
--
Steve
“Cheer up,” they said
42 matches
Mail list logo
