I've seen that TG2 creates a model for identity with md5 and sha1
hash algorithms.
Since several years ago is known that those algorithms have collision
weaknesses, and they aren't secure neither using . There are many
information about this.
Please, change them to any more secure as SHA2, and that it's possible
of use on python 2.5 [1]
----------------
import hashlib
if "sha224" == algorithm:
hashed_password =
hashlib.sha224(password_8bit).hexdigest()
elif "sha256" == algorithm:
hashed_password =
hashlib.sha256(password_8bit).hexdigest()
elif "sha384" == algorithm:
hashed_password =
hashlib.sha384(password_8bit).hexdigest()
elif "sha512" == algorithm:
hashed_password =
hashlib.sha512(password_8bit).hexdigest()
----------------
[1] http://docs.python.org/lib/module-hashlib.html
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"TurboGears Trunk" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/turbogears-trunk?hl=en
-~----------~----~----~----~------~----~------~--~---
