Loading ...
Sorry, an error occurred while loading the content.

Password generator -- well, okay

Expand Messages
  • Thomas Hundt
    Was perusing the release notes for 2006/08/10 and noticed * insert-password(3) password generation utility for system administrators who tire of thinking of
    Message 1 of 2 , Feb 25, 2007
    • 0 Attachment
      Was perusing the release notes for 2006/08/10 and noticed

      * insert-password(3) password generation utility for system
      administrators who tire of thinking of new passwords.

      Apparently this generates random sequences of characters, e.g.,

      1XuJg2w6 (One - X-RAY - uniform - JULIET - golf - Two - whisky - Six)

      This kills me. This is the same algorithm my boss uses to generate
      passwords. ("Hit a bunch of random keys on the keyboard.") It
      generates extremely INSECURE passwords because the first thing you have
      to do is write them down somewhere -- or stick them in some text file
      (hopefully encrypted -- just how secure is 'me -k'?). I hate these
      types of passwords, because I'm constantly opening this file to look for
      them.

      Lately, for passwords, I've been using the system once popularized by
      CompuServe, which amounts to <some-word> <some-punctuation-char>
      <some-other-word>, for example, barge%water. Which is very similar to
      the algorithm used by dotcoms to generate unique company (and domain)
      names: things like RedGorilla and BlueToenail. So, hey, let's hear it
      for the automatic company name generator feature... ;-)


      --
      Thomas Hundt <tom@...> +1-415-867-6698
    • Jon Green
      ... We will leave that as an exercise for the reader. You should be able to hook some words out of the spelling dictionary. Jon.
      Message 2 of 2 , Feb 25, 2007
      • 0 Attachment
        Thomas Hundt wrote:
        > Was perusing the release notes for 2006/08/10 and noticed
        >
        > * insert-password(3) password generation utility for system
        > administrators who tire of thinking of new passwords.
        >
        > Apparently this generates random sequences of characters, e.g.,
        >
        > 1XuJg2w6 (One - X-RAY - uniform - JULIET - golf - Two - whisky - Six)
        >
        > This kills me. This is the same algorithm my boss uses to generate
        > passwords. ("Hit a bunch of random keys on the keyboard.") It
        > generates extremely INSECURE passwords because the first thing you have
        > to do is write them down somewhere -- or stick them in some text file
        > (hopefully encrypted -- just how secure is 'me -k'?). I hate these
        > types of passwords, because I'm constantly opening this file to look for
        > them.
        >
        > Lately, for passwords, I've been using the system once popularized by
        > CompuServe, which amounts to <some-word> <some-punctuation-char>
        > <some-other-word>, for example, barge%water. Which is very similar to
        > the algorithm used by dotcoms to generate unique company (and domain)
        > names: things like RedGorilla and BlueToenail. So, hey, let's hear it
        > for the automatic company name generator feature... ;-)
        >
        >

        We will leave that as an exercise for the reader. You should be able to
        hook some words out of the spelling dictionary.

        Jon.
      Your message has been successfully submitted and would be delivered to recipients shortly.