Re: One-line password generator
i forgot to emphasize that each user should generate an own salt value by
and put it into the bcrypt call of bcryptedpw.py
p = bcrypt.hashpw(userpw, '$2a$16$MS6A6ZrsJ30ZdqHVCMWMm.')[-31:]
If many users would use the same salt, then it would be rewarding for
the attacker to memorize the bcrypted failed tries and to re-use them
very quickly for attacking the next user.
Have a nice day :)