[Gllug] Random password generation

Bruce Richardson itsbruce at uklinux.net
Mon Sep 10 12:39:11 UTC 2001


I wrote a little script that generates random passwords and then put a 
page on our intranet site so that our users could take advantage of it 
(in the possibly vain hope of increasing user security a little).  It 
offers several different ways to generate the passwords, not all of which 
are massively safe but you can't force users to use passwords they just 
won't remember and it's better than them all using "fred" or the name of 
the season.

So I'm looking for useful random password programs/mechanisms I can add. 
Suggestions?

One of the methods I tested was to pick 2 or more dictionary words and 
join them with a random non-alphanumeric character (I know, I know but 
for our more forgetful users it's better than nothing).  This has the 
surprising result of creating a high proportion of suggestive, bizarre or 
downright obscene password combinations.  This is especially true when 
generating passwords for users in the NT domain, which has a 14 character 
limit.  Some examples:

fluffy-probe
jumbo-fine
silk-bathes
bras-eject
unfit-bowers
caking-sundry
flirts-silky
spurt-awaited
wan-cocked
manure-minis

Management asked me to remove that option because some staff were 
spending all their time generating passwords.  Ho hum.

-- 

Bruce

-- 
Gllug mailing list  -  Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug




More information about the GLLUG mailing list