Date: Mon, 08 Jan 2007 20:07:01 +0100
From: Ivan Voras <ivoras@fer.hr>
To: freebsd-questions@freebsd.org
Subject: Re: Adduser utility to generate "random" passwds ?
Message-ID: <enu4ou$j0m$1@sea.gmane.org>
In-Reply-To: <200701080654.45757.kirk@strauser.com>
References: <45A22099.3060208@esiee.fr> <ent9pr$r1d$1@sea.gmane.org> <200701080654.45757.kirk@strauser.com>

Kirk Strauser wrote:
> On Monday 08 January 2007 5:26 am, Ivan Voras wrote:
>
>> Here's an idea:
>>
>> $ head -c 64 /dev/random | md5 | head -c 10
>
> Hugely bad idea. Since md5 outputs hex, you're only getting 4 bits of
> entropy per character.

Yes, with 10 characters that's 5 bytes of practically pure random data,
i.e. 40 bits. You're somewhat right: I don't know about pwgen but
usually such utilities generate passwords from a set that looks like
[0-9a-zA-Z-,], i.e. 6 bits per character. For a password of 8
characters, that's 48 bits, so 8 bits stronger than 10 hexadecimal
characters. For equal entropy, 12 hex characters should be used. But hex
characters are easier to remember :)
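
The comparison made in the message above, as an added example that is not part of the original e-mail: it runs the hex pipeline from the thread next to a generator that draws from the 64-symbol set, and computes the entropy of each. The function names are hypothetical; /dev/urandom and the md5sum fallback are assumptions so that the script also runs outside FreeBSD.

```shell
#!/bin/sh
# Added example: function names are hypothetical, not from the thread.

# md5 on FreeBSD, md5sum elsewhere (assumption: one of the two is installed).
md5cmd() {
    if command -v md5 >/dev/null 2>&1; then md5; else md5sum; fi
}

# The pipeline from the thread: N hex characters, 4 bits each (N <= 32).
# /dev/urandom is used here so the read never blocks on older Linux kernels.
hexpw() {
    head -c 64 /dev/urandom | md5cmd | head -c "$1"
}

# N characters drawn uniformly from the 64-symbol set [0-9a-zA-Z-,].
# tr discards every byte outside the set, so each kept byte carries 6 bits.
setpw() {
    LC_ALL=C tr -dc 'A-Za-z0-9,-' < /dev/urandom | head -c "$1"
}

# Entropy in bits of LEN characters chosen uniformly from SETSIZE symbols.
entropy_bits() {
    awk -v n="$1" -v s="$2" 'BEGIN { printf "%d\n", n * log(s) / log(2) + 0.5 }'
}

# Smallest length that reaches BITS of entropy with SETSIZE symbols.
chars_needed() {
    awk -v bits="$1" -v s="$2" 'BEGIN {
        b = log(s) / log(2)
        n = int(bits / b)
        while (n * b < bits - 1e-9) n++
        print n
    }'
}

printf '10 hex chars:  %s  (%s bits)\n' "$(hexpw 10)" "$(entropy_bits 10 16)"
printf ' 8 set chars:  %s  (%s bits)\n' "$(setpw 8)"  "$(entropy_bits 8 64)"
printf 'hex chars needed for 48 bits: %s\n' "$(chars_needed 48 16)"
```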