Secure password generation...blasphemy!

Roland Smith rsmith at xs4all.nl
Tue Aug 4 07:52:34 UTC 2009


On Mon, Aug 03, 2009 at 08:28:52PM -0600, Modulok wrote:
> I need a way to generate a lot of secure passwords. So, I read all
> about it. Either people are getting way carried away, or I'm missing
> something...

It is very easy to generate hard-to-guess semi-random passwords: 

   openssl rand -base64 6

some examples:

hJ9WQ0eK oOyHWEd4 W801vDIB mob29k5I RVDXkE/9 7BRHC+8h

Even though this is semi-random, these are still extremely hard to
guess, and neither will a dictionary attack be much use. The _big_
downside is that this kind of password is hard to remember. So people
_will_ write them down. Which isn't a problem in itself, as long as they
keep that piece of paper secure. (so not taped to their monitor, or
under their keyboard.)

A better solution IMHO is to let people make their own acronyms, mixed
with a little l33tsp34k. That way you can have something easy to
remember, but still hard to guess. E.g. "Ask not for whom the bell
tolls" would become "An4wtbt".

Roland
-- 
R.F.Smith                                   http://www.xs4all.nl/~rsmith/
[plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated]
pgp: 1A2B 477F 9970 BA3C 2914  B7CE 1277 EFB0 C321 A725 (KeyID: C321A725)
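
A batch wrapper around the `openssl rand -base64 6` command from the message above, added here as an example and not part of the original post. It shows why 6 bytes gives exactly 8 characters (48 bits) and rejects byte counts that would produce `=` padding or wrapped output. The helper names and the `/dev/urandom` fallback are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post). Helper names are hypothetical.

# Emit base64 of N random bytes; the /dev/urandom fallback is an assumption
# for hosts without the openssl binary.
random_b64() {
    if command -v openssl >/dev/null 2>&1; then
        openssl rand -base64 "$1"
    else
        head -c "$1" /dev/urandom | base64
    fi
}

# Entropy of one password: every random byte contributes 8 bits.
entropy_bits() {
    echo $(( $1 * 8 ))
}

# Print COUNT passwords, one per line, each built from NBYTES random bytes.
# NBYTES must be a multiple of 3 so the base64 output carries no '=' padding
# (6 bytes -> 8 characters), and at most 48 so it stays on one output line.
gen_passwords() {
    count=$1
    nbytes=${2:-6}
    for v in "$count" "$nbytes"; do
        case $v in
            ''|*[!0-9]*) echo "usage: gen_passwords COUNT [NBYTES]" >&2; return 2 ;;
        esac
    done
    if [ "$nbytes" -eq 0 ] || [ "$nbytes" -gt 48 ] || [ $((nbytes % 3)) -ne 0 ]; then
        echo "NBYTES must be a multiple of 3 between 3 and 48" >&2
        return 2
    fi
    i=0
    while [ "$i" -lt "$count" ]; do
        random_b64 "$nbytes" || return 1
        i=$((i + 1))
    done
}

# Example: 5 passwords of 48 bits each, as in the message above.
gen_passwords 5 6
```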