On 3/14/2013 11:51 AM, Ed Leafe wrote:
On Mar 14, 2013, at 8:32 AM, Stephen Russell <[email protected]> wrote:
A GUID sounds a good way to go but I don't know how to generate one. There
will only be a small number of users so the key will be a low integer.
http://www.news2news.com/vfp/?example=456
From http://crackstation.net/hashing-security.htm:
"Salt should be generated using a Cryptographically Secure Pseudo-Random Number Generator
(CSPRNG). CSPRNGs are very different than ordinary pseudo-random number generators, like the
"C" language's rand() function. As the name suggests, CSPRNGs are designed to be
cryptographically secure, meaning they provide a high level of randomness and are completely
unpredictable. We don't want our salts to be predictable, so we must use a CSPRNG. The following
table lists some CSPRNGs that exist for some popular programming platforms."
In Python it's simple:
import os
salt = os.urandom(24)
That IS easy. The GUIDs (properly generated) are not predictable either.
--
Mike Babcock, MCP
MB Software Solutions, LLC
President, Chief Software Architect
http://mbsoftwaresolutions.com
http://fabmate.com
http://twitter.com/mbabcock16
_______________________________________________
Post Messages to: [email protected]
Subscription Maintenance: http://mail.leafe.com/mailman/listinfo/profox
OT-free version of this list: http://mail.leafe.com/mailman/listinfo/profoxtech
Searchable Archive: http://leafe.com/archives/search/profox
This message:
http://leafe.com/archives/byMID/profox/[email protected]
** All postings, unless explicitly stated otherwise, are the opinions of the
author, and do not constitute legal or medical advice. This statement is added
to the messages for those lawyers who are too stupid to see the obvious.
