Package: makepasswd
Version: 1.10-8
hi,
see below - there is some major inconsistency between program behaviour and
manpage, leading to a false impression on password security.
i stumbled across this today because i found some character missing in our
passwords, just to find that there is some hint in the source that they are
filtered out intentionally.
how can one tell with the emphasis on security over pronounceability in the
manpage and then characters being filtered out silently without telling
anybody/anywhere ?
i would either suggest including my patch to REALLY improve overall
transcription clarity (many users confuse this characters when reading them
from screen or writing/reading to/from paper) and also add an appropriate note
in the manpage.
as an alternative, i would suggest, that makepasswd should default to not
filter any character and then to add some switch to filter out problematic
chars which could be easily confused by users. with a clear hint in the
mangpage, that excluding chars lowers quality of the password.
furthermore, the strings being used for generating passwords could also be
mentioned in the manpage, to make it clear to the user of that tool, from what
pool of characters the password is being generated.
comments ?
regards
roland
root@raspberrypi:/usbdisk20gb/tmp/makepasswd-1.10# cat makepasswd |grep -B 2 -A
7 Default characters
#
# Default characters for passwords include all lowercase
# and uppercase alphabetics, plus numerics 0-9. Uppercase
# O and Z and lowercase k and l are omitted to improve
# hand-transcription clarity.
#
$StringUsed = ABCDEFGHIJKLMNPQRSTUVWXYabcdefghijmnopqrstuvwxyz0123456789;
$ValString = length($StringUsed) - 1;
root@raspberrypi:/usbdisk20gb/tmp/makepasswd-1.10# man -P cat -l makepasswd.1
|grep -B1 -A3 DESCRIPTION
DESCRIPTION
makepasswd generates true random passwords using /dev/urandom, with
the emphasis on security over pronounceability. It can
also encrypt plaintext passwords given on the command line.
+++ makepasswd 2014-12-04 20:23:45.449311736 +0100
@@ -76,9 +76,10 @@
# and uppercase alphabetics, plus numerics 0-9. Uppercase
# O and Z and lowercase k and l are omitted to improve
# hand-transcription clarity.
-#
+# 1,0,Uppercase I and lowercase i and o are omitted, to
+# improve general transcription clarity
-$StringUsed = ABCDEFGHIJKLMNPQRSTUVWXYabcdefghijmnopqrstuvwxyz0123456789;
+$StringUsed = ABCDEFGHJKLMNPQRSTUVWXYabcdefghjmnpqrstuvwxyz23456789;
$ValString = length($StringUsed) - 1;
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
