Richard Holloway Blog

Generate random passwords

Posted in January 2012 by under sysadmin

It is good practice to use different passwords for different accounts. If you share passwords across accounts and one account gets compromised, all of your accounts are then vulnerable.

There are three main problems with this.

Firstly generating a password is not simple. Remembering random strings of 14 characters is impossible and typing passwords is prone to errors, especially when password fields are nearly always obfuscated.

Writing passwords down is generally considered bad practice, although it is better to have strong passwords written done in a safe place than it is to use weak passwords online.

A better approach to writing passwords down or trying to remember them is to use a password manager, such as revelation to store your passwords.

This program can generate random passwords for you and you can configure how the passwords are generated.

It is also useful to display passwords in the application in place of ****** and the option to do this is there too.

Saving and using passwords is easy to do, and you can set up helpers to push credentials to websites and applications. Best of all the data is encrypted on disk, so you can back the file up to a USB key, without worrying that the file can be read of the device is lost. You will have to set a pass phrase to unlock the file, but as this is the only password you will need to remember, you can make it a good one.

Often though, you need to generate a password from the command line. There are existing command line applications to do this, but a method that will work on all systems, without installing additional software is to run the following command.

cat /dev/urandom | tr -dc A-Za-z0-9 | head -c14 && echo
            

This displays random characters which are piped through tr to delete any characters not in the list A-Za-z0-9 and then pipes this through head to show the first 14 characters only. Finally we echo to get a new line.