Jump to: navigation, search

Passwords are hard to remember. Randomly generated passwords are just annoying. Here is my password strategy... I string together a few easy to pronounce phonemes followed by a number.

I use a password safe to keep track of all my passwords. When I look up a password it's handy to be able to remember the password for a couple minutes without having to write it down. I find that if I pronounce a nonsense word plus a number in my head that I can remember it for a few minutes. Here are some examples of random, nonsense passwords that are still easy to pronounce. To me these sound like the names of giant Japanese fighting robots.


There are other password generators such as `apg` and `pwgen`. None one of thsse make passwords that are easy to pronounce or remember. They claim to be "pronounceable", but they don't work for me. Here are some examples from `pwgen`. These are terrible!

 ieL6gae8 fa1Oob7N Coh3uiso aijai1Qu uK0eeXup Ejooch1g ush1xuGa Otiup4Qu

What is the point of making a password that is only slightly easier than impossible to pronounce? You are still going to have to write it down. You still won't remember it a few minutes later.

This script will by default generate 61,412,500 unique passwords. That may not seem like very many, but most SSH daemons will only allow one login attempt per second, so it would still take nearly 2 years to try them all. This script also allows you to adjust the size of the password.

Passwords are a bad idea anyway. I use this along with public keys and an automatic ban system such as `fail2ban` which blocks out an IP address for a period of time if there are too many failed login attempts.

Click here to download this script: randpass <include svncat src="file:///home/svn/src/python/randpass" highlight="python" />