On Mon, Aug 03, 2009 at 08:28:52PM -0600, Modulok wrote: > I need a way to generate a lot of secure passwords. So, I read all > about it. Either people are getting way carried away, or I'm missing > something...
It is very easy to generate hard-to-guess semi-random passwords: openssl rand -base64 6 some examples: hJ9WQ0eK oOyHWEd4 W801vDIB mob29k5I RVDXkE/9 7BRHC+8h Even though this is semi-random, these are still extremely hard to guess, and neither will a dictionary attack be much use. The _big_ downside is that this kind of passwords are hard to remember. So people _will_ write them down. Which isn't a problem in itself, as long as they keep that piece of paper secure. (so not taped to their monitor, or under their keyboard.) A better solution IMHO is to let people make their own acronyms, mixed with a little l33tsp34k. That way you can have something easy to remember, but still hard to guess. E.g. "Ask not for whom the bell tolls" would become "An4wtbt". Roland -- R.F.Smith http://www.xs4all.nl/~rsmith/ [plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated] pgp: 1A2B 477F 9970 BA3C 2914 B7CE 1277 EFB0 C321 A725 (KeyID: C321A725)
pgp1s3UVhYmb9.pgp
Description: PGP signature
