human readable password generator

Started by Lazybones, November 30, 2005, 11:59:37 AM

Previous topic - Next topic

Lazybones

We employ a strong password policy at my office and as a sysadmin I need to create new passwords often. The funny thing is that the rules require so many things that I often have trouble coming up with good passwords for things without resorting to variations on combinations that I know work.



There is a password generator for PalmSO that creates human readable passwords. I was wondering if anyone knows of one for windows.



Need to be able to configure it for the following rules

9 characters or greater

must contain letters, numbers and symbols or case variation



The palmOS tool trys to creat a password that looks a little like leat speak but the words are nonsence as well.



Might have to write one my self.

Thorin

Quote from: "Lazybones"9 characters or greater

I hate that particular rule :P  I have some good passwords that are easy for me to remember yet hard to guess, but they're only eight characters long...
Prayin' for a 20!

gcc thorin.c -pedantic -o Thorin
compile successful

Lazybones

Quote from: "Thorin"
Quote from: "Lazybones"9 characters or greater

I hate that particular rule :P  I have some good passwords that are easy for me to remember yet hard to guess, but they're only eight characters long...



Most of my easier to remember ones are 7. But can't use those here.

Cova

I've got a few quite strong 6 and 7 character long passwords I use quite often.  The ones that really bug me are places that don't allow symbols and such in passwords.



As for a generator tool, I wrote one a few years back that we use here at NAIT for making all kinds of passwords.  It uses mixed case, numbers, and symbols, and generates a password of any length (it prompts you, defaults to 10 chars).  But its completly random, it doesn't try to make it readable or familiar looking at all.  If you want it, I'll post the code up somewhere.

Lazybones

Quote from: "Cova"I've got a few quite strong 6 and 7 character long passwords I use quite often.  The ones that really bug me are places that don't allow symbols and such in passwords.



As for a generator tool, I wrote one a few years back that we use here at NAIT for making all kinds of passwords.  It uses mixed case, numbers, and symbols, and generates a password of any length (it prompts you, defaults to 10 chars).  But its completly random, it doesn't try to make it readable or familiar looking at all.  If you want it, I'll post the code up somewhere.



No, I have found many of those, and have even writen one my self.. Someone introduced me to the Palm one and I have to say it makes good passwords you can almost pronounce which is good if you need to describe it over a phone.



An example might be Num0RMits or SwinH@g12 It attempts to put vowels and such in proper places and a little 733t speak.. the full random ones get you XS#>5Wq49 type passwords that no one remembers unless they reuse them everywhere.



Some days its just hard to be creative with them, avoiding dictionary words is hard. :D

Lazybones

#5
Ok, I went and wrote one my self. The password length can be between 4 and 12 char, I did this because drop down lists are easy to select on a portable device and this is a common range of human usable sizes.

I made it as a single xhtml doc using javascript when I realized I could load local html files on my PDA.. Still took some time to come up with the Human readable part, it generates some interesting things sometimes. Un-checking the human readable option will default it back to fully random.

Let me know what you think, by default it creates passwords that will conform to my networks minimum complexity rule, so this might be useful for others who need to create passwords with the same rules.

If you find this useful let me know..

See attached PassGen.zip file

Tom

I sometimes like to pick semi random romaji sequences. My current main password is 9 characters long, and is easy enough to remember, just a bunch of syllables, that would normally not appear together in english :)
<Zapata Prime> I smell Stanley... And he smells good!!!

Lazybones

Quote from: Tom on September 18, 2006, 08:19:24 PM
I sometimes like to pick semi random romaji sequences. My current main password is 9 characters long, and is easy enough to remember, just a bunch of syllables, that would normally not appear together in english :)

This is more for those of us who admin many systems and need more than one strong password.. Also handy for me as I often have to set default or reset passwords for users. Also our passwords must be changed every 90 days and can not repeat.

Tom

I personally would have a tough time remembering the passwords that script generates.. even with the numbers symbols and capitalization off.
<Zapata Prime> I smell Stanley... And he smells good!!!

Lazybones

Quote from: Tom on September 18, 2006, 09:18:35 PM
I personally would have a tough time remembering the passwords that script generates.. even with the numbers symbols and capitalization off.

There not all great, but it does try and make them use English sounding combinations.  If you generate a few you will often find something interesting. The idea is not to use real words that could be in a dictionary while trying to be memorable.  How good they are depends on the length you set as well..

It does what I want, however it may not be of interest to everyone.

Tom

QuoteIt does what I want, however it may not be of interest to everyone.
as with my method ;)
<Zapata Prime> I smell Stanley... And he smells good!!!

Adams

Just FYI http://www.winguides.com/security/password.php.
I use this one. Its not the best but for 8 - 10 character passwords if makes a few good ones then just slightly modify it to suit your needs.
"Life is make up of 2 types of people...
50% of People who do want to do things
50% of people who do not want to do things
The rest are all forced to do things."

Lazybones

Opps, I had included a debug popup in the version I first posted.  Fixed the attached file.

TheDruid

Thanks lazy, this will come in handy for me, in the last few months my job has really craked down on our passwords and now our rules include:

1. Minimum of 8 characters in Length

2. The password contains characters from at least three of the following five categories:

        - English uppercase characters (A - Z)
        - English lowercase characters (a - z)
        - Base 10 digits (0 - 9)
        - Non-alphanumeric (For example: !, $, #, or %)
        - Unicode characters

3. The password does not contain three or more characters from the user's account name.

4. Passwords will have an expiry of 30 days and a history of 6 passwords will be kept.

Needless to say im on month 4 right now and starting to run short on passwords
I only drink the blood of my enemies, and on occasion a strawberry smoothie.

Lazybones

Exactly

I am under the following rules:
Contain characters from 3 of the following 4 groups
-Letters Uppercase
-Letters Lowercase
-Numerals
-Symbols

Be significantly different from prior 24 passwords

They must change every 90 days (might be 60)