Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

randomword(3) [osf1 man page]

randomword(3)						     Library Functions Manual						     randomword(3)

NAME
randomword, randomchars, randomletters - Generate random passwords (Enhanced Security) LIBRARY
Security Library - libsecurity.so SYNOPSIS
int randomchars( char *string, unsigned short int minlen, unsigned short int maxlen, boolean restrict, long seed); int randomletters( char *string, unsigned short int minlen, unsigned short int maxlen, boolean restrict, long seed); int randomword( char *word, char *hyphenated_word, unsigned short int minlen, unsigned short int maxlen, boolean restrict, long seed); PARAMETERS
Points at a user-supplied space to contain a null-terminated password. Specifies the minimum length that a generated word can have. Spec- ifies the maximum length that a generated word can have. Specifies whether restrictions are to be imposed on the generated word. This is a boolean integer, where a non-zero integer indications restrictions and a 0 (zero) indicates no restrictions. Specifies an initial seed for the random number generator. Points at a user-supplied space to contain a null-terminated random pronounceable password. Contains the hyphenated version of the generated word. DESCRIPTION
These functions generate random passwords for use in password selection. All of them are generated by the system, based on seeds and set in the function. Such seeds can be created with the drand48(), rand(), or random() functions. The randomchars() function places a null-terminated password composed of random printable ASCII characters into the string parameter and returns the length of the generated string. The minlen parameter can equal maxlen, but cannot be greater than maxlen, and cannot be nega- tive. The user space preallocated is at least maxlen for string. The smaller minlen and maxlen are, the smaller the selection space of random words. The restrict parameter is 0 (zero) when no restrictions are placed on the generated word. It is nonzero when the words generated pass the tests of the acceptable_password() function. The seed parameter is used by the function only on the first time it is called; the parameter is ignored on subsequent calls. The randomletters() function places a null-terminated password composed of random lower-case letters into the string parameter and returns the length of the generated word. The minlen, maxlen, restrict, and seed parameters are the same as for the randomchars() function. The randomword() function places a null-terminated random pronounceable password into the word parameter and returns the length of the gen- erated word. The minlen, maxlen, restrict, and seed parameters are the same as for the randomchars() and randomletters() functions. The user space preallocated is at least 2*max - 1 for hyphenated_word. NOTES
The password generator relies on a random number generator that produces uniformly distributed integers. Because the password generator invokes the random number generator many times even for one word, the random number generator has to produce a uniform distribution. The period (distinct numbers produced given a particular seed) and number space (range of possible numbers) must both be large. The drand48() functions are used for this purpose. Programs using these functions must be compiled with -lsecurity. FILES
System password file. System group file. RELATED INFORMATION
Functions: acceptable_password(3), drand48(3), rand(3), random(3). Commands: login(1), passwd(1). delim off randomword(3)

Check Out this Related Man Page

Crypt::GeneratePassword(3pm)				User Contributed Perl Documentation			      Crypt::GeneratePassword(3pm)

NAME
Crypt::GeneratePassword - generate secure random pronounceable passwords SYNOPSIS
use Crypt::GeneratePassword qw(word chars); $word = word($minlen,$maxlen); $word = chars($minlen,$maxlen); *Crypt::GeneratePassword::restrict = &my_restriction_filter; *Crypt::GeneratePassword::random_number = &my_random_number_generator; DESCRIPTION
Crypt::GeneratePassword generates random passwords that are (more or less) pronounceable. Unlike Crypt::RandPasswd, it doesn't use the FIPS-181 NIST standard, which is proven to be insecure. It does use a similar interface, so it should be a drop-in replacement in most cases. If you want to use passwords from a different language than english, you can use one of the packaged alternate unit tables or generate your own. See below for details. For details on why FIPS-181 is insecure and why the solution used in this module is reasonably secure, see "A New Attack on Random Pronounceable Password Generators" by Ravi Ganesan and Chris Davies, available online in may places - use your favourite search engine. This module improves on FIPS-181 using a true random selection with the word generator as mere filter. Other improvements are better pronounceability using third order approximation instead of second order and multi-language support. Drawback of this method is that it is usually slower. Then again, computer speed has improved a little since 1977. Functions chars $word = chars($minlen, $maxlen [, $set [, $characters, $maxcount ] ... ] ); Generatess a completely random word between $minlen and $maxlen in length. If $set is given, it must be an array ref of characters to use. You can restrict occurrence of some characters by providing ($characters, $maxcount) pairs, as many as you like. $characters must be a string consisting of those characters which may appear at most $maxcount times in the word. Note that the length is determined via relative probability, not uniformly. word $word = word($minlen, $maxlen [, $lang [, $signs [, $caps [, $minfreq, $avgfreq ] ] ] ); $word = word3($minlen, $maxlen [, $lang [, $signs [, $caps [, $minfreq, $avgfreq ] ] ] ); Generates a random pronounceable word. The length of the returned word will be between $minlen and $maxlen. If you supply a non-zero value for $numbers, up to that many numbers and special characters will occur in the password. If you specify a non-zero value for $caps, up to this many characters will be upper case. $lang is the language description to use, loaded via load_language or built-in. Built-in languages are: 'en' (english) and 'de' (german). Contributions welcome. The default language is 'en' but may be changed by calling load_language with a true value as third parameter. Pass undef as language to select the current default language. $minfreq and $minsum determine quality of the password: $minfreq and $avgfreq are the minimum frequency each quad/trigram must have and the average frequency that the quad/trigrams must have for a word to be selected. Both are values between 0.0 and 1.0, specifying the percentage of the maximum frequency. Higher values create less secure, better pronounceable passwords and are slower. Useful $minfreq values are usually between 0.001 and 0.0001, useful $avgfreq values are around 0.05 for trigrams (word3) and 0.001 for quadgrams (word). analyze $ratio = analyze($count,@word_params); $ratio = analyze3($count,@word_params); Returns a statistical(!) security ratio to measure password quality. $ratio is the ratio of passwords chosen among all possible ones, e.g. a ratio of 0.0149 means 1.49% of the theoretical password space was actually considered a pronounceable password. Since this analysis is only statistical, it proves absolutely nothing if you are deeply concerned about security - but in that case you should use chars(), not word() anyways. In reality, it says a lot about your chosen parameters if you use large values for $count. generate_language $language_description = generate_language($wordlist); Generates a language description which can be saved in a file and/or loaded with load_language. $wordlist can be a string containing whitespace separated words, an array ref containing one word per element or a file handle or name to read words from, one word per line7. Alternatively, you may pass an array directly, not as reference. A language description is about 1MB in size. If you generate a general-purpose language description for a language not yet built-in, feel free to contribute it for inclusion into this package. load_language load_language($language_description, $name [, $default]); Loads a language description which is then available in words(). $language_desription is a string returned by generate_language, $name is a name of your choice which is used to select this language as the fifth parameter of words(). You should use the well-known ISO two letter language codes if possible, for best interoperability. If you specify $default with a true value, this language will be made global default language. If you give undef as $language_description, only the default language will be changed. random_number $number = random_number($limit); Returns a random integer between 0 (inclusive) and $limit (exclusive). Change this to a function of your choice by doing something like this: { local $^W; # squelch sub redef warning. *Crypt::GeneratePassword::random_number = &my_rng; } The default implementation uses perl's rand(), which might not be appropriate for some sites. restrict $forbidden = restrict($word,$language); Filters undesirable words. Returns false if the $word is allowed in language $lang, false otherwise. Change this to a function of your choice by doing something like this: { local $^W; # squelch sub redef warning. *Crypt::GeneratePassword::restrict = &my_filter; } The default implementation scans for a few letter sequences that english or german people might find offending, mostly because of their sexual nature. You might want to hook up a regular password checker here, or a wordlist comparison. VERSION
This document describes version 0.03 AUTHOR
Copyright 2002 by Joerg Walter <jwalt@cpan.org>, inspired by ideas from Tom Van Vleck and Morris Gasser/FIPS-181. COPYRIGHT
This perl module is free software; it may be redistributed and/or modified under the same terms as Perl itself. SEE ALSO
Crypt::RandPasswd. perl v5.10.0 2003-09-09 Crypt::GeneratePassword(3pm)
Man Page