[Dshield] open source passwd generator needed
mj2 at percomp.de
Fri Dec 30 13:33:14 GMT 2005
At 16:36 29.12.2005 -0500, Wes S wrote:
>I need a password generator since my brain is getting tired of trying
>to come up with passwords. One that can be configured to produce
>passwords that match password policy in effect would be nice.
That raises an interesting question: "What is a theoretically good PW
policy regarding PW generation"
Is an eight char password from the set [a-zA-Z0-9](plus some 10
specials like "$%&") more complex to break than a 9 or 10 char PW
from only [a-zA-Z]???
Numerics say NO: 52^9 > 72^8
Or is the regular request for special chars only to force users not
to use readable PWs?
Is a longer password more difficult than a shorter one when you take
into calculation that only a Hash of it is stored?
The following idea is quite interesting and might solve your problem:
if you want to try it:
Just view the flash demo and the webcard-Link on the right.
Smart idea, but you are lost, when you loose your card. Not that your
systems are endangered, but you'll have trouble remenbering your PW yourself.
Even more interesting you can even stick that card next to your PC,
with out the initial row/column and the "reading method" it is
worthless to any attacker.
Interested in your comments
Have a nice New Years Eve!
More information about the list