From owner-freebsd-questions@FreeBSD.ORG Tue Aug 4 04:12:17 2009 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3D331106566C for ; Tue, 4 Aug 2009 04:12:17 +0000 (UTC) (envelope-from andrewberry@sentex.net) Received: from smarthost1.sentex.ca (smarthost1.sentex.ca [64.7.153.18]) by mx1.freebsd.org (Postfix) with ESMTP id 053D98FC0A for ; Tue, 4 Aug 2009 04:12:16 +0000 (UTC) (envelope-from andrewberry@sentex.net) Received: from smtp1.sentex.ca (smtp1c.sentex.ca [64.7.153.10]) by smarthost1.sentex.ca (8.14.3/8.14.3) with ESMTP id n744CELi028994; Tue, 4 Aug 2009 00:12:14 -0400 (EDT) (envelope-from andrewberry@sentex.net) Received: from blizzard.lan (p45ka.xDSL-1mm.sentex.ca [64.7.151.46]) by smtp1.sentex.ca (8.14.3/8.14.3) with ESMTP id n744CEXo009210; Tue, 4 Aug 2009 00:12:14 -0400 (EDT) (envelope-from andrewberry@sentex.net) Message-Id: From: Andrew Berry To: Modulok In-Reply-To: <64c038660908031928v15a76d15g5599e6f3fef936e1@mail.gmail.com> Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit Mime-Version: 1.0 (Apple Message framework v935.3) Date: Tue, 4 Aug 2009 00:12:14 -0400 References: <64c038660908031928v15a76d15g5599e6f3fef936e1@mail.gmail.com> X-Mailer: Apple Mail (2.935.3) X-Virus-Scanned: clamav-milter 0.95.1 at smtp1.sentex.ca X-Virus-Status: Clean X-Scanned-By: MIMEDefang 2.64 on 64.7.153.18 Cc: freebsd-questions@freebsd.org Subject: Re: Secure password generation...blasphemy! X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 Aug 2009 04:12:17 -0000 On 3-Aug-09, at 10:28 PM, Modulok wrote: > I need a way to generate a lot of secure passwords. So, I read all > about it. Either people are getting way carried away, or I'm missing > something... Take a look at pwgen (it's in ports). If you're really needing *very* secure passwords, it makes more sense to audit existing code then to write your own. The passwords it generates can quite easily be strong enough to prevent most automated attacks. --Andrew