On Thu, 2015-02-26 at 10:50 +0100, Tomas Mraz wrote: > > And so on. I got these from Lastpass which lets me choose 'make > > pronounceable' as an advanced option, and I can pick any length. The > > argument against is that chances are the user has to write these down > > at least temporarily until memorized. *shrug* But that could be true > > for four word passphrases too. > Note that there is already pronounceable password generator in the > libpwquality library. You can test it with the pwmake command. The > generated passwords contain also some numbers and special characters so > that they can be shorter with the same entropy. The lowest entropy > passwords that are possible to generate have 56 bits which might be a > little bit too much though for cases where online attacks are > rate-limited. For the generation of passwords to memorize I find apg convenient because of the added spelling. $ apg -a 0 -m 15 -t jortedfavwievTo (jort-ed-fav-wiev-To) PryFlydkibBojfi (Pry-Flyd-kib-Boj-fi) )WrernyanwamNia (RIGHT_PARENTHESIS-Wrern-yan-wam-Nia) inHinReexHookot (in-Hin-Reex-Hook-ot) 6wrowgAmFaypErm (SIX-wrowg-Am-Fayp-Erm) HaQuisyaggUfes6 (Ha-Quis-yagg-Uf-es-SIX) -- security mailing list security@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/security
