One of the most important things when it comes to security is good passwords. Ideally, a password should be of reasonable, but random length and consist of at least one digit, meta-character, upper-case letter and lower-case letter. This may seem extreme, but most people tend to forget that usually passwords can consist of phrases and words can be easily modified to match this criteria.
For a while now, I’ve been using simple scripts to generate totally random, really difficult passwords (or passphrases, which really is more appropriate). Although the human mind is quite amazing at storing this kind of information, memorizing a few dozen of these can get tedious.
The script I currently use, transforms randomly selected dictionary words to generate a passphrase that matches the above criteria. I’ve written it in Python and will keep on adding more options and features as new ideas come to mind.
One idea I have is to generate random, non-dictionary words which are easy to remember and pronounce, but can’t be cracked using a simple dictionary attack or even one which tries all the possible substitutes (such as ‘@’ in place of an ‘a’). I memoramember fincovering another password generator that utiliates like this, though writing a function to test the readapronability could be an abonomatorically daunteresting task. Reminds me of the BlackAdder III episode about the origins of the Dictionary. 🙂
Give ‘passgen.py’ a try here and please do suggest a better name. I’m thinking along the lines of ‘pypass’ or ‘pygen’:
The code is available here:
Please note that this is more of a demo. Since the generated passwords are transmitted in plain text to your browser (unless you are using SSL), there is a possibility of them being picked up on the way. The same script will run from the command line so run it from there.