Hi Dale,

On Sun, Feb 03, 2019 at 11:47:35PM -0600, Dale wrote:
> How do you, especially those who admin systems that are always being
> hacked at, generate strong passwords that meet the above?

I have a script for generating passwords the way I like (basically
diceware on bash). Something like:

    # Scale a 32-bit random number down to a line number in the word list
    FACTOR=$(( 2**(4*8) / $(wc -l < "$WORDLIST") ))
    # +1 so the line number is never 0 (head -n 0 prints nothing)
    head -n "$(( $(od -vAn -N4 -tu4 < /dev/random) / FACTOR + 1 ))" "$WORDLIST" | tail -1

I use this in conjunction with
https://github.com/dwyl/english-words/blob/master/words.txt

As far as I understand, if you have about 96 bits of entropy you are
golden. 256 bits is unbruteforceable (at least within the realms of
physics apparently).

5 words = 94 bits (which is good enough for me)
14 words = 256 bits (which seems like a lot of typing)

I also have a messy spreadsheet for checking passwords.
https://github.com/rjhwelsh/gpg-tutorial/blob/master/password_checker.ods

I provide no warranty for my working. ;)

-- 
Roger Welsh
fpr: 2FCB 9E31 EA77 CDEC A3AE 5DD7 D54C C777 553A 180D
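
An added example, not part of the message above: the same word-list draw written with rejection sampling, so that every word is equally likely, plus the entropy figure computed as words * log2(list size). The function names, the use of /dev/urandom, and the eight-word sample list are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: diceware-style passphrase with an unbiased word draw.
# Function names and the sample word list are hypothetical.

# One unsigned 32-bit integer from the kernel CSPRNG.
rand32() {
    od -vAn -N4 -tu4 < /dev/urandom | tr -d ' \n'
}

# Print one uniformly chosen line of the file named in $1.
pick_word() {
    count=$(( $(wc -l < "$1") ))
    [ "$count" -gt 0 ] || return 1
    # Largest multiple of count that fits in 32 bits. Draws at or above it
    # are discarded, otherwise r % count would favour the low line numbers.
    limit=$(( 4294967296 / count * count ))
    r=$(rand32)
    while [ "$r" -ge "$limit" ]; do r=$(rand32); done
    sed -n "$(( r % count + 1 ))p" "$1"
}

# Print $2 words drawn from the file named in $1, separated by spaces.
passphrase() {
    list=$1; left=$2; out=""
    while [ "$left" -gt 0 ]; do
        word=$(pick_word "$list") || return 1
        out="${out:+$out }$word"
        left=$(( left - 1 ))
    done
    printf '%s\n' "$out"
}

# Entropy in bits of $2 words drawn from a list of $1 words.
entropy_bits() {
    awk -v c="$1" -v n="$2" 'BEGIN { printf "%.1f\n", n * log(c) / log(2) }'
}

# Constructed sample list so the script runs offline.
sample=$(mktemp)
printf '%s\n' apple brick cloud delta ember flint grove harbor > "$sample"
passphrase "$sample" 5
entropy_bits "$(( $(wc -l < "$sample") ))" 5
rm -f "$sample"
```

To use a real list, pass its path to `passphrase` and its line count to `entropy_bits`.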