Benjamin Peterson added the comment: PEP 466 is explicitly not blanket approval for backporting All The Things to 2.7. The only justification for pbkdf2 in PEP 466 is to "lower the barriers to secure password storage and checking in Python 2 server applications". While scrypt is probably a bit better, applications using pkbdf2 are still in a much better situation than ones using, e.g., a naïve salted hash.
There is a self-contained, easily-installable scrypt module on PyPI. ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue27928> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
