Giter VIP home page Giter VIP logo

pwgen's Issues

The version on pypi uses non-safe pseudo random generator

The current version 0.7 on pypi seems to use a non-safe pseudo random generator, which seems pretty dangerous given the name somewhat suggests this makes safe passwords. The github version here seems to use proper system randomness, so I suggest you update it quickly (or alternatively put a note on pypi about the current unsafeness of the version there).

capitalize=True and numerals=True lead to IndexError

After running pwgen.pwgen(capitalize=True,numerals=True,symbols=True,no_ambiguous=True) for a number of times, I repeatedly get

>>> pwgen.pwgen(capitalize=True,numerals=True,symbols=True,no_ambiguous=True)
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "c:\Python27\lib\site-packages\pwgen\__init__.py", line 72, in pwgen
    passwd = replaceRandomChar(choice(Digits), passwd)
  File "c:\Python27\lib\site-packages\pwgen\__init__.py", line 33, in replaceRan
domChar
    word[pos] = letter
IndexError: list assignment index out of range

Issue persists when numerals=True is removed:

>>> [pwgen(capitalize=True,symbols=True,no_ambiguous=True) for x in range(500)]
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "c:\Python27\lib\site-packages\pwgen\__init__.py", line 70, in pwgen
    passwd = replaceRandomChar(choice(UpperCase), passwd)
  File "c:\Python27\lib\site-packages\pwgen\__init__.py", line 33, in replaceRan
domChar
    word[pos] = letter
IndexError: list assignment index out of range

Python version 2.7.5 on Windows 8.1 x64
pwgen version: 0.4

Support python 3

Support python 3. Currently I get an error with a print statement.

Random char replacement breaks password requirements

Lets say I run this with --capitalize and --numerals, and the following line:

passwd = "".join(choice(letters) for x in range(pw_length))

returns the string Abcdefg

The first if if capitalize... passes, but the second if (if numerals...) will cause a random character to be substituted with a numeral.

It's very possible that the character to be substituted is the only capital letter, A, thereby returning a password that doesn't conform to the requirements --capitalize and --numerals.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.