I like your function. But I'd call it differently...

People who don't memorise passwords would think that punctuation marks would make a password harder to remember, but they don't. kmJPJ-wLKA is no worse to remember than QDBLhUCcjH, and provided the punctuation is included at random (rather than forced to be there), security is enhanced.

Now, the other poster's alternating-consonant-vowel passwords are even easier, but those are less secure. There are ways to fix that up a little, though, if you're willing to sacrifice uniform length, without a horrible impact on ease of remembering... I'll post that separately, though.

 --jonadab

It's a good point.

Though I have to say that I wasn't responding to a "passwords generator" question, but a random string generator question. I tend to use it for generating test data and the like.

I never used a random password generator, I (like many people) have my methods of arriving at passwords. I won't describe it, but essentially there is a pattern to them. Hopefully, so long as I keep the pattern to myself, it shouldn't compromise me too much.

---

Examine what is said, not who speaks.

The 7th Rule of perl club is -- pearl clubs are easily damaged. Use a diamond club instead.

BrowserUK,

You might want to get away from using anything that has a pattern for creating your password. While you don't describe the method here, over time, a cracker could discover the pattern and formulate an attack from there. Armed with the knowledge of the pattern, lots of password possibilites could be removed from the list of attempts.

Just a thought.

--
haxordan

If the world is to end in a whisper, I hope that it's not someone whispering,"I wonder what this button does?" -DTB