Increase generated password length to 12 symbols.

techtonik · techtonik · commit 1dfcf53a3005 · 2013-02-18T00:42:08.000+03:00
Make sure at least one digit is present. See article of Georgia Tech Research Institute at http://goo.gl/olFxy for more information.
diff --git a/CHANGES.txt b/CHANGES.txt
@@ -20,6 +20,8 @@ Features:
   Select 'jinja2' template_engine in config and place templates into 
   html to play with (anatoly techtonik)
 - Introducing Template Loader API (anatoly techtonik)
+- Increased generated password length to 12 symbols to slow down GPGPU
+  attacks (anatoly techtonik)
 
 Fixed:
 
diff --git a/roundup/password.py b/roundup/password.py
@@ -165,9 +165,13 @@ def encodePassword(plaintext, scheme, other=None, config=None):
         raise PasswordValueError, 'Unknown encryption scheme %r'%scheme
     return s
 
-def generatePassword(length=8):
+def generatePassword(length=12):
     chars = string.letters+string.digits
-    return ''.join([random.choice(chars) for x in range(length)])
+    password = [random.choice(chars) for x in range(length)]
+    # make sure there is at least one digit
+    password[0] = random.choice(string.digits)
+    random.shuffle(password)
+    return ''.join(password)
 
 class JournalPassword:
     """ Password dummy instance intended for journal operation.
