Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update security.rst #5958

Closed
wants to merge 3 commits into from
Closed

Update security.rst #5958

wants to merge 3 commits into from

Conversation

mpaquet
Copy link

@mpaquet mpaquet commented Dec 5, 2015

Q A
Doc fix? yes
New docs? no
Applies to <2.7
Fixed tickets #5698

Update security.rst
3eb5dfe 
| Q             | A
| ------------- | ---
| Doc fix?      | yes
| New docs?     | no
| Applies to    | 2.3 <2.7
| Fixed tickets | #10575
@wouterj
Copy link
Member

wouterj commented Dec 5, 2015

Hmm, I'm not sure if I like creating a complete box for this. It's important, but it isn't really important for the article itself.

What about changing the sentence in the article to something like this:

For hardcoded users, you can use an `online tool`_ (do not use it with real passwords),
which will give you something like this:

@mpaquet
Copy link
Author

mpaquet commented Dec 5, 2015

You have a point but the explanation is still relevant imho and should stay.

For hardcoded users, you can use an online tool_ (this is a public tool and it should not be used with real passwords because of the risk of farming or other security issues), which will give you something like this:

wouterj added a commit that referenced this pull request Feb 6, 2016
@wouterj
minor #5958 Update security.rst (mpaquet)
543f5ce 
This PR was squashed before being merged into the 2.3 branch (closes #5958).

Discussion
----------

Update security.rst

| Q             | A
| ------------- | ---
| Doc fix?      | yes
| New docs?     | no
| Applies to    | <2.7
| Fixed tickets | #5698

Commits
-------

b4a950b Update security.rst
wouterj added a commit that referenced this pull request Feb 6, 2016
@wouterj
[#5958] Make warning a bit shorter
d2c3e26
@wouterj
Copy link
Member

wouterj commented Feb 6, 2016

Thank you @mpaquet! I've merged your PR into the docs now.

I've changed the wording a bit in d2c3e26, it's not our task to explain why it's a security risk to use real passwords. It's our task to just warn people to do not it, if they want more information they can easily google it.

Thanks again!

@wouterj wouterj closed this Feb 6, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
Status: Needs Work
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@mpaquet @wouterj