Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Already on GitHub? Sign in to your account

Fixed #20079 -- Improve security of password reset tokens #1170

wants to merge 1 commit into


None yet
3 participants

viciu commented May 19, 2013

No description provided.


mxsasha commented May 19, 2013

As discussed, to add to test_unusable:

# Assert that the unusable passwords actually contain a random part.
# This might fail one day due to a hash collision.
self.assertNotEqual(encoded, make_password(None))

@timgraham timgraham closed this May 29, 2013

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment