Password Generator Post: 54462

Sponsored Content

Special Forums Cybersecurity Password Generator Post 54462 by Perderabo on Saturday 14th of August 2004 02:57:37 PM

08-14-2004

Administrator Emeritus

No, your comments are useful. Especially since I moving away from that type of interface. I wrote a simple password generator and it worked good enough with ksh. But with pdksh, it broke pretty bad. The symptom was that I could predict what character it would pick under certain conditions. I traced the problem to pdksh's internal linear congruential random number generator.

This sent me down the path of making an ultra secure password generator. And another potential problem is that command line arguments are visible to an adversary. So I've been moving away from command line arguments toward a completely interactive solution. Also I've been working on a very good random number generator. The current version gathers entropy from the user. By examining the SECONDS variable, I know how long the user took to enter the command. That number, together with the length of the command, is used to very strongly vary the output of the random number generator. Simply tapping the return key a few times will tremendously "stir the pot".

Perhaps I've been obsessing with security too much. I could add in a method of non-interactive use. This would sacrifice the cryptographic strength of the RNG. But a password generator can function well without a cryptographic strength RNG.

Perderabo

View Public Profile for Perderabo

Find all posts by Perderabo

9 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Range generator

Dear All, I have a sorted file like 1 2 3 8 9 10 45 46 47 78 The output will be range like 1 3 8 10 45 47 78 78

2. What is on Your Mind?

Barcode Generator

QR Code Generator

3. Shell Programming and Scripting

time generator

Hi experts, I'd like to generate the table/file containing: number of milliseconds elapsed since midnight till midnight. It should contain 5 columns (hours minutes seconds milliseconds): Table will have theoretically 86 400 000 rows. My question is , is there somewhere the file or source...

4. Cybersecurity

swordfish --- a password generator

Here is my new password generation script. The attachment, swordfish.txt, is in dos format. Remember that you need to use dos2unix or flip or something to get it into unix format. The script is self documenting. It has an extensive help system built-in. And you can run: swordfish "set...

5. Shell Programming and Scripting

Sequence generator

Thanks Guys This really helped

6. UNIX for Beginners Questions & Answers

Password generator with user inputs

Hi, I am new to bash scripting and i wanted to make a bash script that will generate a password for a user. The user must enter his/her name and the url of the site the password is used for. And the script will generate a password with those two elements in the password. So if the url is...

7. Shell Programming and Scripting

Random Password generator with 2 digits and 6 characters

I am using the below to random generate a password but I need to have 2 numeric characters and 6 alphabetic chars head /dev/urandom | tr -dc A-Za-z0-9 | head -c 8 ; echo '' 6USUvqRB ------ Post updated at 04:43 PM ------ Any Help folks - Can the output be passed onto a sed command to...

8. Shell Programming and Scripting

Hostsfile generator

Hello I use a bash script to creating the hosts file /etc/hosts But there is a bug inside my output and I want to fix this. My Array looks like this: 205,IP 111.122.133.20 205,HOST2 unas 205,HOST1 unas15533 205,COMMENT # UNAS 775,IP ...

9. Forum Support Area for Unregistered Users & Account Problems

Password sent via reset password email is 'weak' and won't allow me to change my password

I was unable to login and so used the "Forgotten Password' process. I was sent a NEWLY-PROVIDED password and a link through which my password could be changed. The NEWLY-PROVIDED password allowed me to login. Following the provided link I attempted to update my password to one of my own...

LEARN ABOUT DEBIAN

jifty::plugin::authentication::password::view

Jifty::Plugin::Authentication::Password::View(3pm)	User Contributed Perl Documentation	Jifty::Plugin::Authentication::Password::View(3pm)

NAME

       Jifty::Plugin::Authentication::Password::View - views for password plugin

DESCRIPTION

       This provides the templates for the pages and forms used by the password authentication plugin.

TEMPLATES

   signup
       Displays a sign-up form.

   login
       Displays the login form.

   login_widget
       A handy template for embedding the login form. Just include it in your templates via:

	 show('/login_widget');

       See Jifty::Plugin::Authentication::Password::Action::Login.

   let/reset_lost_password
       After requesting a password reset and clicking on the link sent by email, this receives that click and provides the form for resetting the
       password.

       See Jifty::Plugin::Authentication::Action::ResetLostPassword.

   let/confirm_email
       Handles the work of confirming an email address for a new account.

       See Jifty::Plugin::Authenticaiton::Password::View.

   lost_password
       Starts the process of sending a link to reset a lost password by email.

       See Jifty::Plugin::Authentication::Password::SendPasswordReminder.

   resend_confirmation
       Request a new email confirmation message be sent to your email account.

       See Jifty::Plugin::Authentication::Password::Action::ResendConfirmation.

SEE ALSO

       Jifty::Plugin::Authentication::Password, Jifty::Plugin::Authentication::Password::Dispatcher

LICENSE

       Jifty is Copyright 2005-2010 Best Practical Solutions, LLC.  Jifty is distributed under the same terms as Perl itself.

perl v5.14.2							    2010-12-10			Jifty::Plugin::Authentication::Password::View(3pm)