How would I create a random, 16-character base-62 salt in python? I need it for a protocol and I'm not sure where to start. Thanks.
Salt (sometimes referred to as SaltStack) is a Python-based, open-source software for event-driven IT automation, remote task execution, and configuration management.
A cryptographic salt is made up of random bits added to each password instance before its hashing. Salts create unique passwords even in the instance of two users choosing the same passwords. Salts help us mitigate hash table attacks by forcing attackers to re-compute them using the salts for each user.
    >>> import random
    >>> ALPHABET = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
    >>> chars = []
    >>> for i in range(16):
    ...     chars.append(random.choice(ALPHABET))
    ...
    >>> "".join(chars)
    'wE9mg9pu2KSmp5lh'
This should work.
You shouldn't use UUIDs, they are unique, not random: Is using a CreateUUID() function as salt a good idea?
Your salts should use cryptographically secure random numbers; in Python 2.4+, os.urandom is the source of these (if you have a good timing source).
    import os

    # for some given b62encode function
    salt = b62encode(os.urandom(16))
You could also use a generator from bcrypt or another awesome crypto/hashing library that is well known and vetted by people much more expert than I am.
    import bcrypt
    salt = bcrypt.gensalt()
    # will be 29 chars; you can then encode it however you want.
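An added example, not code from either answer: it draws a 16-character base-62 salt from the OS CSPRNG and supplies one possible implementation of the `b62encode` helper the second answer leaves unspecified, showing that encoding 16 random bytes gives up to 22 characters rather than 16. The function names are chosen here, and the `secrets` module assumes Python 3.6+.

```python
import math
import os
import secrets

# Same alphabet and ordering as in the first answer.
ALPHABET = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"


def random_salt(length=16, alphabet=ALPHABET):
    """Pick each character independently from the OS CSPRNG."""
    # secrets.choice is backed by os.urandom and selects uniformly (no modulo bias).
    return "".join(secrets.choice(alphabet) for _ in range(length))


def b62encode(data, alphabet=ALPHABET):
    """Encode bytes as a big-endian base-62 integer (hypothetical helper)."""
    n = int.from_bytes(data, "big")
    digits = []
    while n:
        n, rem = divmod(n, 62)
        digits.append(alphabet[rem])
    # Leading zero bytes are lost by integer encoding, so output length varies.
    return "".join(reversed(digits)) or alphabet[0]


def b62_fixed_salt(length=16, alphabet=ALPHABET):
    """Fixed-length salt built from raw random bytes with rejection sampling."""
    space = 62 ** length
    nbytes = (space.bit_length() + 7) // 8
    # Largest multiple of `space` representable in nbytes; values above it
    # are rejected so every salt is equally likely.
    limit = (256 ** nbytes // space) * space
    while True:
        n = int.from_bytes(os.urandom(nbytes), "big")
        if n < limit:
            break
    encoded = b62encode((n % space).to_bytes(nbytes, "big"), alphabet)
    return encoded.rjust(length, alphabet[0])  # pad to constant width


def entropy_bits(length=16, alphabet=ALPHABET):
    """Entropy of a uniformly random salt of this length, in bits."""
    return length * math.log2(len(alphabet))


if __name__ == "__main__":
    print(random_salt(), b62_fixed_salt(), round(entropy_bits(), 2))
    print(len(b62encode(os.urandom(16))), "chars from 16 random bytes")
```

A 16-character base-62 salt carries about 95 bits of entropy, so `b62encode(os.urandom(16))` has to be truncated or replaced by one of the fixed-length functions when the protocol requires exactly 16 characters.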