Can you recommend a password generator?
Solution 1
pwgen generates random, meaningless but pronounceable passwords. These passwords contain either only lowercase letters, or upper and lower case mixed, or digits thrown in. Uppercase letters and digits are placed in a way that eases remembering their position when memorizing only the word.
Install pwgen with the button below:
e.g.
sudo apt-get install pwgen
pwgen
Solution 2
apg
APG is the Advanced Password Generator. The software is used to automatically generate new passwords for whatever use you feel like putting it to.
Here are some key features of "APG":
- Setting maximum percentage of special characters
- Setting the length of generated passwords
- Grouping characters
- Setting a number of passwords to generate
- Setting a random seed file
- One Time Pad Generation
- Printing how many passwords it generated in how many seconds
To install, run this command:
sudo apt-get install apg
Install and use apg with this help guide
Solution 3
Aberystwyth University has a pretty hardcore mnemonic-password generator.
http://www.aber.ac.uk/cgi-bin/user/syswww/gw/mnemonic
Generates evil passwords like this:
<1n255s4 Lisa's first newt zooms Fife's fifth shrewd four.
t6pnjsnv Tony's sixth padlock nags John's spectacular number vainly.
fqyumdc8 Fiona's quadrilateral yucca understands Murray's dormant calculating eight.
ee6pk3cm Eve's egocentric six ponders Ken's third cagey magazine.
q1giwn?n Quentin's first galaxy improves Wyn's nondescript question mark nastily.
Interesting work. You might like to email their sysops to see if the script behind it is freely available (and if it's not, whether they'd consider GPLing it)
Edit: Looking at the output a little more carefully, this would not be hard to code. You'd just need several dictionaries to feed it.
Solution 4
Try the password card. You carry it in your wallet and you remember two symbols and a color.
You read the letters / numbers between the symbols along a color line, or make up any algorithm that you can remember.
The site generates a random card for you.
http://www.passwordcard.org/en
Solution 5
The results are more hideous even than apg or pwgen (even with the -s option set), but this is more fun:
head -c 8192 /dev/urandom | strings --bytes 8 | sed 's/\s//g'
I suspect your use case is different, but this kind of thing is useful for shared secret keys, and other kinds of passwords that you don't type in very often.
To get a larger selection, pass more bytes to head, and to get longer password result strings, modify --bytes in strings (which gives a minimum length). The sed expression strips out spaces and tabs (represented by \s).
However, you will at some point probably appreciate applications (like pwgen, KeePassX or LastPass) that give you an option to avoid easily confusable characters, like 1 and l and I. These can look like 1Il or 1Il or worse. You would want to use an option like this if you are resetting someone's password or giving a one-time passkey that needs to be communicated.
Still, pwgen gives this caveat in its man page, describing its -B option:
-B, --ambiguous
Don't use characters that could be confused by the user when
printed, such as 'l' and '1', or '0' or 'O'. This reduces the
number of possible passwords significantly, and as such reduces
the quality of the passwords. It may be useful for users who
have bad vision, but in general use of this option is not recom‐
mended.
This is nuts, of course. You probably know when this is useful or not. And it's certainly better than using 'Pa$$w0rD' for everything. If in doubt, create a longer password, or pass your generated password as input to another generator, or use multi-factor authentication.
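An added example, not part of the original answer or of pwgen: it draws passwords from /dev/urandom with tr, once from the full alphanumeric set and once with look-alike characters removed, and computes how much entropy the smaller set costs and how much extra length wins it back. The function names (genpw, setsize, bits, minlen) and both character sets are constructed for this illustration.

```sh
#!/bin/sh
# Added example. The character sets are constructed here; they are not
# pwgen's internal tables.
FULL='A-Za-z0-9'                 # 62 symbols
UNAMBIG='A-HJ-NP-Za-km-z2-9'     # same set minus the look-alikes 0 O 1 l I

# genpw LENGTH SET: LENGTH characters drawn from SET via the kernel CSPRNG.
# tr discards every byte outside SET, so the survivors are uniform over SET.
# LC_ALL=C makes tr treat the random input as raw bytes.
genpw() {
    LC_ALL=C tr -dc "$2" < /dev/urandom | head -c "$1"
    echo
}

# setsize SET: number of distinct printable ASCII characters in a tr set.
setsize() {
    awk 'BEGIN { for (i = 33; i < 127; i++) printf "%c", i }' |
        LC_ALL=C tr -dc "$1" | wc -c | tr -d ' '
}

# bits LENGTH SET: entropy of a uniformly random password,
# LENGTH * log2(set size), to one decimal place.
bits() {
    awk -v n="$1" -v k="$(setsize "$2")" \
        'BEGIN { printf "%.1f\n", n * log(k) / log(2) }'
}

# minlen BITS SET: shortest length that reaches at least BITS of entropy.
minlen() {
    awk -v b="$1" -v k="$(setsize "$2")" \
        'BEGIN { x = b * log(2) / log(k); n = int(x); if (n < x) n++; print n }'
}

echo "full set, 13 chars:        $(bits 13 "$FULL") bits"
echo "unambiguous set, 13 chars: $(bits 13 "$UNAMBIG") bits"
echo "unambiguous length needed for 77 bits: $(minlen 77 "$UNAMBIG")"
echo "sample: $(genpw "$(minlen 77 "$UNAMBIG")" "$UNAMBIG")"
```

Dropping the five look-alike characters costs under two bits at 13 characters, and one extra character more than makes up for it.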
Comments
-
myusuf3 almost 2 years
I was hoping someone could recommend a good password generator.
Extra props to the person who can name one that gives you a mnemonic to remember it as well.
-
belacqua over 13 years
Seems like you'd need a mnemonic to remember the mnemonic.
-
Scaine over 13 years
And they're properly evil. Like, 32 character randomly generated evil. You'd need keepass to remember the passwords it generates. :-)
-
Nishan29 over 13 years
But how can one have a < in the password? In an international setting where you have different keyboards I would not recommend this.
-
Lekensteyn about 13 years
Your old code was leaking the password to the webpage. This function makes it a bit more secure (providing that the webpage does not overwrite the used functions to capture the arguments ;))
-
Rory Alsop about 13 years
I haven't looked at this generator, but I hope it lets you generate passwords longer than 8 chars. 8, even with special chars, is well within the realms of instantaneous rainbow table pwnage, if the hash is ever grabbed (and this happens a lot!)
-
jan over 9 years
pwgen is also available for cygwin
-
ThorSummoner almost 9 years
Can you reference a source about how suitable this is for password generation?
-
Simon Richter almost 9 years
It's 25 rounds of 56 bit DES, with a small modification. I doubt there is an algorithm that can enumerate the generated bit patterns without introducing duplicates, so knowledge of the algorithm used would not give an advantage to an attacker, except that the length is known in advance.
-
Simon Richter almost 9 years
I doubt however that this has been actually explored by cryptanalysts. The search space obviously depends on the random data that went into the algorithm -- if it is known that all you do is mash the keyboard, that is a smaller space than actually using 56+12 bits from a good RNG.
-
Dennis Williamson almost 9 years
Both the author's page for apg and the Ubuntu page you link to refer to it as "Automated" rather than "Advanced". Several of the bulleted points in this answer don't seem to be currently supported (if they once were), notably percentage of special characters, a seed file, One Time Pad, generation rate.
-
polkovnikov.ph about 8 years
The funny part is that if you can remember that mnemonic, you could have used it as a password from the start. Passwords should be easily memorizable, but hard to break. These passwords are flawed both ways.
-
Kenny Evitt almost 8 years
A similar answer from a related Unix & Linux Stack Exchange question is to use tr and head like head /dev/urandom | tr -dc A-Za-z0-9 | head -c 13. One nice feature is that it's very easy to control which characters, e.g. symbols, are included.
-
JuanGarcia10 over 7 years
And when you generate the password this way, it's transmitted over the plaintext HTTP connection, so this can be sniffed easily and is not secure. That's without mentioning that owner of the service can log generated passwords in this kind of service.