Date: Mon, 08 Jan 2007 20:07:01 +0100 From: Ivan Voras <ivoras@fer.hr> To: freebsd-questions@freebsd.org Subject: Re: Adduser utility to generate "random" passwds ? Message-ID: <enu4ou$j0m$1@sea.gmane.org> In-Reply-To: <200701080654.45757.kirk@strauser.com> References: <45A22099.3060208@esiee.fr> <ent9pr$r1d$1@sea.gmane.org> <200701080654.45757.kirk@strauser.com>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] Kirk Strauser wrote: > On Monday 08 January 2007 5:26 am, Ivan Voras wrote: > >> Here's an idea: >> >> $ head -c 64 /dev/random | md5 | head -c 10 > > Hugely bad idea. Since md5 outputs hex, you're only getting 4 bits of > entropy per character. Yes, with 10 characters that's 5 bytes of practically pure random data, i.e. 40 bits. You're somewhat right: I don't know about pwgen but usually such utilities generate passwords from a set that looks like [0-9a-zA-Z-,], i.e. 6 bits per character. For a password of 8 characters, that's 48 bits, so 8 bits stronger than 10 hexadecimal characters. For equal entropy, 12 hex characters should be used. But hex characters are easier to remember :) [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFopZcldnAQVacBcgRAhz+AJ49gQ94I22P/WzZvf+BLVULu5zdKACg9Lba YY1dcHd3g6Uj1DpHZF9IdDk= =dodg -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?enu4ou$j0m$1>