Re^5: Random String Generator

And this is memorable how? If you really needed to memorize one or two of these, you could come up with some sentence from the sample. The average person can't or won't put up with that.

The point of my post is that totally random line noise like this gets written down, which is almost as weak as having no password at all. Security isn't mathematics, it's a systemic discipline which takes into account people's natural abilities and behavior, as well as maximizing the effort required to circumvent the weakest attack path.

--
[ e d @ h a l l e y . c c ]

Comment on Re^5: Random String Generator

Replies are listed 'Best First'.
Re: Re^5: Random String Generator by Juerd (Abbot) on Jun 04, 2003 at 17:32 UTC
And this is memorable how? They are pronouncable. That makes it memorable. Some are better than others, and this is why it outputs a lot of passwords to choose from. it's a systemic discipline which takes into account people's natural abilities and behavior That is exactly why pwgen doesn't just mix some random characters, but creates pronounceable passwords. DESCRIPTION pwgen generates passwords which are designed to be easily memorized by humans, while being as secure as possible. Juerd # { site => 'juerd.nl', plp_site => 'plp.juerd.nl', do_not_use => 'spamtrap' }	[reply]

Replies are listed 'Best First'.

Re: Re^5: Random String Generator
by Juerd (Abbot) on Jun 04, 2003 at 17:32 UTC

And this is memorable how?

They are pronouncable. That makes it memorable. Some are better than others, and this is why it outputs a lot of passwords to choose from.

it's a systemic discipline which takes into account people's natural abilities and behavior

That is exactly why pwgen doesn't just mix some random characters, but creates pronounceable passwords.

DESCRIPTION
pwgen generates passwords which are designed to be easily memorized by humans, while being as secure as possible.

Juerd # { site => 'juerd.nl', plp_site => 'plp.juerd.nl', do_not_use => 'spamtrap' }

[reply]