Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

Click here to return to the 'A script to generate a random password' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
A script to generate a random password
Authored by: merlyn on Jan 05, '06 09:13:22AM
From the command line, if you use
/usr/bin/openssl rand -base64 15
you'll get a 20-character cryptographically strong string of mixed letters, digits, and a few punctuation characters. Because it's base64, it's a 4-for-3 expansion, so if you want 40 characters, use 30 for the number, and so on.

For more options, "man openssl" and "man rand".

[ Reply to This | # ]

A script to generate a random password
Authored by: victory on Jan 06, '06 10:28:49AM
ra5ul and merlyn, thanks to you both for the nice hint(s).

On my systems, I like to use 12-character, alphanumeric, lowercase passwords which exclude the letters L and O.

Here's what I'm now using:

openssl rand -base64 1000 | tr "[:upper:]" "[:lower:]" | tr -cd "[:alnum:]" | tr -d "lo" | cut -c 1-12


  • I suppose 'grep -m12 \w' is much more succinct than using piped 'tr's, but I find this way easier to understand.
  • Even using a base64 string a thousand characters long, there is a chance (albeit an EXTREMELY small one) that this method could fail to yield the requested 12 characters. For a manual p/w generation process like this, I doubt this should be a problem.
  • I realize that limiting the number of allowable characters in a p/w reduces security. However, for me it's always been a fine balance between getting users to stick with randomly generated passwords and not making it too hard for them to type or read. Even with these limitations, a 12-char p/w as generated above yields 61 bits of entropy ( = log((36-numOfCharsExcluded)^passwordLength)/log(2) ), which isn't that great but still better than having users choose their own passwords that are invariably too short and often easy to guess. :-)

[ Reply to This | # ]