It is indeed very silly to put such artificial constraints on passwords. As a matter of fact any constraint on the composition of passwords will dramatically reduce the keyspace and is therefore a bad idea.

On the other hand you cannot entrust users to choose their own passwords or you get names of pets, birthdates and abc123 all over the place.

Only fully random passwords offer any real level of security but nobody will be able to remember them and then start writing them on scraps of paper which are "hidden" under the keyboard.

I did have some success with the Crypt::GeneratePassword module which generates "pronounceable" random passwords. The keyspace is of course not as large as a truly random password generator but for all but the most critical application it seems OK.

---

---

• Are you posting in the right place? Check out Where do I post X? to know for sure.
• Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:

  <code> <a> <b> <big> <blockquote> <br /> <dd> <dl> <dt> <em> <font> <h1> <h2> <h3> <h4> <h5> <h6> <hr /> <i> <li> <nbsp> <ol> <p> <small> <strike> <strong> <sub> <sup> <table> <td> <th> <tr> <tt> <u> <ul>

• Snippets of code should be wrapped in <code> tags not <pre> tags. In fact, <pre> tags should generally be avoided. If they must be used, extreme care should be taken to ensure that their contents do not have long lines (<70 chars), in order to prevent horizontal scrolling (and possible janitor intervention).
• Want more info? How to link or How to display code and escape characters are good places to start.