Saturday, December 1, 2007

HowTo: Generate Pronounceable Random Passwords

User passwords are the primary authentication mechanism that most Linux distros use to verify a user's identity and access. This is why password security is enormously important for protecting the user, the workstation, and the network.

There are many ways to create and generate passwords. Here's one easy way to generate random, meaningless but pronounceable passwords for Linux user accounts.

Meet Pwgen.

Pwgen generates random, meaningless but pronounceable passwords. These passwords contain either only lowercase letters, or upper and lower case, or upper case, lower case and numeric digits. Upper case letters and numeric digits are placed in a way that eases memorizing the password.

Man Pwgen.
The pwgen program generates passwords which are designed to be easily memorized by humans, while being as secure as possible. Human-memorable passwords are never going to be as secure as completely random passwords. In particular, passwords generated by pwgen without the -s option should not be used in places where the password could be attacked via an off-line brute-force attack. On the other hand, completely randomly generated passwords have a tendency to be written down, and are subject to being compromised in that fashion.

The pwgen program is designed to be used both interactively, and in shell scripts. Hence, its default behavior differs depending on whether the standard output is a tty device or a pipe to another program. Used interactively, pwgen will display a screenful of passwords, allowing the user to pick a single password, and then quickly erase the screen. This prevents someone from being able to "shoulder surf" the user’s chosen password.


Pwgen Installation

Pwgen can be installed in Fedora 8 using yum.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# yum -y install pwgen
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Pwgen Usage:

The most basic way to run pwgen is without any parameters, like so:

~~~~~~~~~~~~~~~~~~~~~~~~~~
# pwgen
~~~~~~~~~~~~~~~~~~~~~~~~~~

output:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Iejoo3za yu9ooThi duN1kaac Ukee4cie av2Ahgho oz1Oowaj zi6Echie Iehaej0z
eeGhea8h aika4The aeh3Cai8 aGiaf3pu Yee9aifa ohH5ReHu iFoh0Ooh agh8uZah
sae5Dahd shahch7O Oom1qui4 Choyah0a Vohh4Eed Ciexum7K DieV1cie leeWeim7
Shice6ma Kaibuo5a aeZ0zad0 tuuYohx4 Sha5dael mo2ohG7t alo4booG AiN3aeZo
ooNg4aiZ aXie4zic iVoo2ice Rua3ooPh nohSh3ai De7pahya Ue0iWohV ih9taiJu
xeV7ahke ooGh8fua Du6keive Eingeih2 Shai6ahp DeWih2bi fie0AiCh Eighair4
Pahsae0e lesooF5w Lie1eeZu UNeifah1 iefohi4S aiTh0Cee aiR5koo3 uiQu5tho
eit6Faiw eiXee5it Ash1ooY0 ChaeS2ai vied2eSh eesux9oN Oh9Is5le faVoo3ei
ab0ooK7a Ipe5jach Tahp3puu ohCh5rae eez8Aiwo Oobah5th tai0ueNo EiVohn3o
Sai7iibo Oneiph8I saiv1eiS oPh9ohgi yoog6aiR Raezei2e ree6aeNg quie0Nei
Wu7iLohz aiB1ail8 Moyi2kie ceizaiB0 xumoo7Po iehi3ohV yaiw7Aik egooze0W
OufeW2Oo aozeif5I eju9Eis3 kuMe1fie Eezeeh9i eeg6IoJa Ahf8ohng Ige1EeGh
Waa5kahH yaix3Aef eiN8buRa soh6Ahgh Och4aThi Wee6eabo euTh5ooh aiqu0Ete
Oowach6O eiV1rahb dao6ci7A thoh1Zei Meewooz8 aem3Fee3 ha4Tu5ae uu1Aeboo
Ok2eiw9a nool0Oht ohhaey0U Ru9Pug9o gose7Ahh faet5He0 maezeiD5 ieGae9si
zei0The3 oovem6Lu uav7aeSu weiD8aes wovi1Kee uY2Bethe fohWoev4 io4peGae
fahQu0ie Ia9Thais ooGhae2e Phau7phi Einoh9ah oothieB6 Bai3luhi eeheiR3d
Cei3pho8 zaeP2ees loo4AeCh ohh5Vai4 ieD6lei3 yaek1Ied Touhai5u vae5Iuqu
ahv3Ooch Leix2Soo Laekee7c Seoti9xa Eugho8ui aiC5Yai9 oomaiSh1 eS5eeMai
OBa7Ohxi joh3eLae iebuG3ka noe6zohY waec8iWo Ee1cai0i Iequ7ou3 jiGuo3os
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Password generation can also be customized. Several of pwgen's parameters for customizing random password generation are listed below:

Pwgen Optional Parameters
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-0 remove any numerals
-A remove any uppercase letters
-B remove ambiguous/confusing letters such as l (L) and 1 (one), 0 (zero) and O (letter O)
-C include at least one uppercase letter
-N N generate a N number of password characters
-n include at least one numeral
-s generate hard to memorize random passwords
-v remove any vowels
-y include at least one special character
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
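
The man page excerpt above says pwgen is also meant for shell scripts, and that passwords generated without -s should not be exposed to off-line brute-force attacks. The sketch below is an added example, not code from the original post or from the pwgen project: it draws one password in pipe mode with -s and -B and checks it before use. The function names, the retry limit and the /dev/urandom fallback for hosts without pwgen are assumptions of this example.

```shell
#!/bin/sh
# Added example: one scripted (non-tty) password draw plus a policy check.
LC_ALL=C; export LC_ALL   # make the [A-Z] and [a-z] ranges plain ASCII

# Emit one candidate of length $1. Uses "pwgen -s -B" when pwgen is installed;
# the /dev/urandom fallback is an assumption of this example, not pwgen code.
gen_candidate() {
    if command -v pwgen >/dev/null 2>&1; then
        pwgen -s -B "$1" 1
    else
        tr -dc 'a-km-zA-NP-Z2-9' </dev/urandom 2>/dev/null | head -c "$1"
        echo
    fi
}

# Return 0 only if $1 has length $2, contains a digit, an upper-case and a
# lower-case letter, and none of l, 1, 0, O (the characters listed for -B).
check_password() {
    [ "${#1}" -eq "$2" ] || return 1
    case $1 in *[l10O]*) return 1 ;; esac
    case $1 in *[0-9]*) ;; *) return 1 ;; esac
    case $1 in *[A-Z]*) ;; *) return 1 ;; esac
    case $1 in *[a-z]*) ;; *) return 1 ;; esac
    return 0
}

# Print one password that passes check_password, retrying failed draws.
gen_password() {
    len=${1:-16}
    tries=0
    while [ "$tries" -lt 100 ]; do
        pw=$(gen_candidate "$len")
        if check_password "$pw" "$len"; then
            printf '%s\n' "$pw"
            return 0
        fi
        tries=$((tries + 1))
    done
    echo "no candidate met the policy" >&2
    return 1
}
```

Because the output goes to a pipe or variable rather than a tty, pwgen prints only the requested password instead of a screenful.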

Using pwgen is as easy as pushing the ENTER key to generate a random password.

There are many personal guidelines that we can follow to arrive at a strong, hard-to-memorize, unrecognizable password. How the password is kept is also a large factor in the security of the actual password. This entry does not cover how to secure user passwords.

Good luck!
