On Sun, 18 Jun 2017 20:55:08 -0000 "Andre Robatino" <robatino@xxxxxxxxxxxxxxxxx> wrote: > Thanks. I had actually installed pwgen a few months ago, but it > looked like the passwords weren't strong enough. > gnome-password-generator has a Character set option "All printable > (excluding space)". It appears that "pwgen -sy 30 1", for example, > does just that, and "pwgen -s 30 1" is the same as "Alphanumeric > (a-z, A-Z, 0-9)". I use a password manager, so only care about > maximum entropy. It would be really nice if there was something where > you could specify an exact set of characters to either include or > exclude, to cope with certain websites that allow only some special > characters. _______________________________________________ users I think it isn't necessary to have all those special characters in order to have strong passwords. Open an xterm, and start python by typing python. Then paste the following into the command line and hit enter. (62**30) // (86400000000 * 366) There are 62 unique possibilities with upper and lower case letters and numerals. This is the number of years that a million brute force attempts per second would take to crack that 30 character password with only letters and numbers. With 9 alphanumerics instead of 30, its about 400 years, which seems more than adequate. The special characters add another 30 possibilities, so the passwords can be shorter for the same strength, but a 33 character alphanumeric password is ~ the same as a 92 possibility 30 character password. People cracking strong passwords don't know that you haven't used 92 characters instead of 62, so they have to check all 92. :-) Control-D exits the python interpreter. When I hit pwgen -y, it generates columns of 8 character passwords with a number, a capital, and a special character. If you need specific special characters, just grab a few of those with the special characters you need and concatenate them(4 would be 32 character), or change the special character(s) to the one(s) you need. I think the real danger with passwords is that people use the same one (usually weak) on multiple sites, so if a site gets cracked, they are endangered in other places. You've already finessed that by using a password manager, so you can easily have unique, strong passwords at every site. But these are just my opinions, you have to do what makes you feel comfortable with your security. _______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
