13 February, 2011

choosing a password

many sites want a password. for a lot of middle-to-low security accounts, I keep a(n encrypted) database of passwords on my computer, rather than making them memorable or using the same one on all. So I cut and paste each password and don't care about it being easily typable. To generate the passwords, I use a command-line like this:

$ cat /dev/random | strings -n 16
:*jx4%8er:>kRKh:
a#ka;lPB6rB9SX";lk
6B!'X@Q{@QQ LZB?
hZ if=A2u3;-S]v?P
Ix6RwEwqVqEg~0fFi
[hkE*0T~GZX^5=h<4
Tags: ,

3 comments:

  1. Rob13/2/11 19:15

    DoE password requirements:
    - at least 8 chars
    - non-number in first and last position
    - at leat one number in the remainder

    so i do something similar except I filter it through grep:

    egrep '^[^0-9].*[0-9].*[^0-9]$'

    ReplyDelete
  2. Ben Clifford13/2/11 19:27

    > - non-number in first and last position

    Always good to have entropy-reducing rules in your password policy ;)

    ReplyDelete
  3. Rob14/2/11 00:37

    yeah, no kidding. i suspect that rule is there to prevent "password123" or "123password" but come on...

    ReplyDelete

Subscribe to: Post Comments (Atom)