From owner-freebsd-hackers  Fri Nov 20 14:20:39 1998
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id OAA27615
          for freebsd-hackers-outgoing; Fri, 20 Nov 1998 14:20:39 -0800 (PST)
          (envelope-from owner-freebsd-hackers@FreeBSD.ORG)
Received: from detlev.UUCP (tex-33.camalott.com [208.229.74.33])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id OAA27593
          for <freebsd-hackers@FreeBSD.ORG>; Fri, 20 Nov 1998 14:20:35 -0800 (PST)
          (envelope-from joelh@gnu.org)
Received: (from joelh@localhost)
	by detlev.UUCP (8.9.1/8.9.1) id QAA16197;
	Fri, 20 Nov 1998 16:19:27 -0600 (CST)
	(envelope-from joelh)
To: Andrzej Bialecki <abial@nask.pl>
Cc: Oleg Ogurok <oleg@ogurok.com>, ee123@rocketmail.com,
        freebsd-hackers@FreeBSD.ORG
Subject: Re: Password generator
References: <Pine.BSF.4.02A.9811201940440.7359-100000@korin.warman.org.pl>
From: Joel Ray Holveck <joelh@gnu.org>
Date: 20 Nov 1998 16:19:24 -0600
In-Reply-To: Andrzej Bialecki's message of "Fri, 20 Nov 1998 19:42:55 +0100 (CET)"
Message-ID: <86n25mdn2q.fsf@detlev.UUCP>
Lines: 32
X-Mailer: Gnus v5.5/Emacs 20.3
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

>>> I'm looking for a password generator.
>>> Does anybody know where I can found one?
>> Well, you can look into a source code of DES, Kerberos, etc.
>> Also, download Apache sources and look into "htpasswd" source.
> Hmmm.. I think he asked about something as routines present e.g. in SCO,
> and used in their standard passwd(1) program - they are able to generate
> passwords which are pronouncable (they even give example pronounciation),
> but don't form any sensible word.
> Well, for now we don't have anything like this.

A common algorithm is to alternate consanant sounds and vowel sounds.
Usually a symbol or digit (or two) are thrown in somewhere.  More
detail is in the literature.

I don't think that npasswd
(http://www.utexas.edu/cc/unix/software/npasswd) has a password
generator, although it's in general a decent password screener.
passwd+ (ftp://ftp.dartmouth.edu/pub/security/) is also frequently
recommended.

I'll also point you at Mangle
(ftp://ftp.informatik.uni-erlangen.de/pub/utilities/pwtest/), which
does more pertubations on passwords than most.

Happy hacking,
joelh

-- 
Joel Ray Holveck - joelh@gnu.org
   Fourth law of programming:
   Anything that can go wrong wi
sendmail: segmentation violation - core dumped

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message