Date: Tue, 4 Aug 2009 09:52:21 +0200 From: Roland Smith <rsmith@xs4all.nl> To: Modulok <modulok@gmail.com> Cc: freebsd-questions@freebsd.org Subject: Re: Secure password generation...blasphemy! Message-ID: <20090804075221.GA3909@slackbox.xs4all.nl> In-Reply-To: <64c038660908031928v15a76d15g5599e6f3fef936e1@mail.gmail.com> References: <64c038660908031928v15a76d15g5599e6f3fef936e1@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--Kj7319i9nmIyA2yE Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Aug 03, 2009 at 08:28:52PM -0600, Modulok wrote: > I need a way to generate a lot of secure passwords. So, I read all > about it. Either people are getting way carried away, or I'm missing > something... It is very easy to generate hard-to-guess semi-random passwords:=20 openssl rand -base64 6 some examples: hJ9WQ0eK oOyHWEd4 W801vDIB mob29k5I RVDXkE/9 7BRHC+8h Even though this is semi-random, these are still extremely hard to guess, and neither will a dictionary attack be much use. The _big_ downside is that this kind of passwords are hard to remember. So people _will_ write them down. Which isn't a problem in itself, as long as they keep that piece of paper secure. (so not taped to their monitor, or under their keyboard.) A better solution IMHO is to let people make their own acronyms, mixed with a little l33tsp34k. That way you can have something easy to remember, but still hard to guess. E.g. "Ask not for whom the bell tolls" would become "An4wtbt". Roland --=20 R.F.Smith http://www.xs4all.nl/~rsmith/ [plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated] pgp: 1A2B 477F 9970 BA3C 2914 B7CE 1277 EFB0 C321 A725 (KeyID: C321A725) --Kj7319i9nmIyA2yE Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (FreeBSD) iEYEARECAAYFAkp36LUACgkQEnfvsMMhpyWSqgCeM1PO1q74ySkP+RB1KF04QLQX q5oAoK1syAy9PxJWu8IZ7XLtXoVA9NN+ =xp8t -----END PGP SIGNATURE----- --Kj7319i9nmIyA2yE--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090804075221.GA3909>