I recently read an article on Slashdot mentioning how MySpace users generally have more secure passwords than those in corporate environments. This reminded me of a simple password generator that Ubuntu has to make sure you’re using a password nearly unbreakable. (note: no password is completely unbreakable, but using a generator such as this sure does step up the level of security.)
The password generator program that I use is pwgen. You can install pwgen using the following:
sudo aptitude install pwgen
Once this is installed you can simply use the command pwgen on the command line to dump out a screenful of secure passwords. Why a screenful? I wondered that as well but it does make sense. If the passwords were generated one at a time it would be possible for someone to see or find in your history. With a screen dump of password suggestions you can safely select one yourself and update your password from memory.
For some added security you can use a few variables when running pwgen. To include upper and lowercase characters use:
To include numbers in your password use:
There is also an option which the developers consider ultra-secure. These are supposed to be completely random, hard-to-memorize password generally suggested for machines. These include both upper and lower case, pluse numbers. They are also very difficult to remember in most cases. If you’d like something ultra-ultra secure (and I hope you have a good memory) use:
I hope this helps those security aware out there. The password is often the first and last line of defense on our systems. If any of you have other suggestions for generating random, secure passwords please leave a comment. I am interested in other solutions.
If you’d like even more security and want more than just a “password” check out my buddy Aaron’s post Secure Passphrases