Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

A script to generate a random password UNIX
There are many good password generators out there, including the one built into Keychain Access in 10.4. However, my only complaint is that they all require too much mousing around, which can be slow.

So, based on lectrick's comments on this previous hint and man perlfaq5, the following script places a random 12-digit-string (letters and numbers) password on the clipboard. It sits there for 60 seconds, and is then overwritten with a random entry from Emacs spook.lines file:
#!/bin/sh

jot -rc 24 48 123 | grep -m12 \w | rs -g 0 12 | pbcopy
sleep 60
perl -0e 'rand($.) < 1 && ($line = $_) while <>;' -e \
'print $line;' /usr/share/emacs/*/etc/spook.lines | pbcopy
Remember to make the script executable (chmod a+x scriptname). When used with Quicksilver or similar utility, this becomes quick indeed. However, don't then don't forget about the stack in the clipboard, which will show the previously-created password.
    •    
  • Currently 2.75 / 5
  • 1
  • 2
  • 3
  • 4
  • 5
  (4 votes cast)
 
[13,182 views]  

A script to generate a random password | 15 comments | Create New Account
Click here to return to the 'A script to generate a random password' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Make-A-Pass widget
Authored by: SimonDorfman.com on Jan 05, '06 07:08:34AM
I use the Make-A-Pass dashboard widget.

[ Reply to This | # ]
A script to generate a random password
Authored by: jonn8n on Jan 05, '06 07:27:27AM
I use this script (which can also be run from Butler, LaunchBar, QuickSilver, etc.). The benefit of this script is that it uses English sounding phonemes which are easier to remember but usually not susceptible to a dictionary attack.

Jon

[ Reply to This | # ]
A script to generate a random password
Authored by: jonn8n on Jan 05, '06 07:31:33AM
In the script I mentioned above, change the line:
set the_password to make_password(10)
to:
set the clipboard to make_password(10)
to place the newly generated password on your clipboard.

Jon

[ Reply to This | # ]
A script to generate a random password
Authored by: clh on Jan 05, '06 07:46:08AM
I believe you need to double-escape 'w' in line 3 of your script, in order to grep for the character class "alnum" (as it stands, you're grepping for the letter "w").

jot -rc 24 48 123 | grep -m12 \\w | rs -g 0 12 | pbcopy


[ Reply to This | # ]
A script to generate a random password
Authored by: merlyn on Jan 05, '06 09:13:22AM
From the command line, if you use
/usr/bin/openssl rand -base64 15
you'll get a 20-character cryptographically strong string of mixed letters, digits, and a few punctuation characters. Because it's base64, it's a 4-for-3 expansion, so if you want 40 characters, use 30 for the number, and so on.

For more options, "man openssl" and "man rand".

[ Reply to This | # ]

A script to generate a random password
Authored by: victory on Jan 06, '06 10:28:49AM
ra5ul and merlyn, thanks to you both for the nice hint(s).

On my systems, I like to use 12-character, alphanumeric, lowercase passwords which exclude the letters L and O.

Here's what I'm now using:

openssl rand -base64 1000 | tr "[:upper:]" "[:lower:]" | tr -cd "[:alnum:]" | tr -d "lo" | cut -c 1-12

Notes:

  • I suppose 'grep -m12 \w' is much more succinct than using piped 'tr's, but I find this way easier to understand.
  • Even using a base64 string a thousand characters long, there is a chance (albeit an EXTREMELY small one) that this method could fail to yield the requested 12 characters. For a manual p/w generation process like this, I doubt this should be a problem.
  • I realize that limiting the number of allowable characters in a p/w reduces security. However, for me it's always been a fine balance between getting users to stick with randomly generated passwords and not making it too hard for them to type or read. Even with these limitations, a 12-char p/w as generated above yields 61 bits of entropy ( = log((36-numOfCharsExcluded)^passwordLength)/log(2) ), which isn't that great but still better than having users choose their own passwords that are invariably too short and often easy to guess. :-)


[ Reply to This | # ]
A script to generate a random password
Authored by: ra5ul on Jan 05, '06 01:58:47PM

the other backslash got stripped out (good catch, clh), and my hint got completely rewritten again. boo.

merlyn: that's definitely stronger than `jot`. nice.



[ Reply to This | # ]
A script to generate a random password
Authored by: convulxine on Jan 05, '06 02:06:37PM

wonderful ! but the generated passwords could be more randomized... you can use /dev/urandom and its derivatives :> great interface of PRNG of unix.
try this:
dd if=/dev/urandom | string -8
and get one

coin coin



[ Reply to This | # ]
A script to generate a random password
Authored by: macubergeek on Jan 07, '06 07:20:32AM

your option dosn't work


but this one does and spits out a non ending stream of random 8 char passwords
cat /dev/urandom | strings -8



[ Reply to This | # ]
A script to generate a random password
Authored by: eno on Jan 06, '06 05:36:38AM
Or use pwgen, a program designed, funnily enough, to generate passwords.

[ Reply to This | # ]
A script to generate a random password
Authored by: macubergeek on Jan 07, '06 06:53:06AM

I just tried this...What a beautiful thing! thanks for the pointer.



[ Reply to This | # ]
Credit
Authored by: Lectrick on Jan 06, '06 06:08:40AM

Thanks for the credit, ra5ul ;) Interesting changes. The 60 second delayed overwrite with a spook word, now that is geek art right there! ;)

---
In /dev/null, no one can hear you scream



[ Reply to This | # ]
Awesome sig!!
Authored by: macubergeek on Jan 07, '06 06:29:36AM

I know this is off topic...but awesome sig!

Jim



[ Reply to This | # ]
We all love short scripts
Authored by: lullabud on Jul 18, '07 04:19:47PM
The man page for `jot` tells us to take out the grep command shown above:
20 random 8-letter strings are produced with
    jot -r -c 160 a z | rs -g 0 8
Hence, the above script could be shortened to jot -rc 12 33 127 | rs -g 0 12 (for all shift-chars + alphanumeric)

[ Reply to This | # ]
A script to generate a random password
Authored by: mac.nerd on Oct 13, '07 07:36:15PM

I love this hint, but I noticed that pbcopy seems to include a trailing newline at the end of the password. Is there some way to only get the password characters on the clipboard? The man page for pbcopy is pretty meager.



[ Reply to This | # ]