A command-line random password generator using just the commonly available Unix utilities. Can create several passwords at once.
Muja 045a93646a Add password to clipboard directly | %!s(int64=8) %!d(string=hai) anos | |
---|---|---|
LICENSE | %!s(int64=9) %!d(string=hai) anos | |
README.md | %!s(int64=9) %!d(string=hai) anos | |
quickpass | %!s(int64=8) %!d(string=hai) anos |
With quickpass, you can quickly and easily generate strong passwords from the comfort of your terminal using nothing more than just a few common Unix command line utilities and device blocks. Here's how to use it:
To generate a single, 32-character random password, just type:
$ ./quickpass
!RM*U<AN#YI:%yQiR<L<:&q+?:Luq@6'
To generate a random password specifically with 42 characters in length, type:
$ ./quickpass -l 42
Y{@u&EzY\,@SOi^w,0r=gTr3V_-H|3Hk=)9g!aRfJL
To generate a list of five random passwords, type:
$ ./quickpass -n 5
G4'PEknI+A\g%fjPG\BNuH&=zlC5(W^9
X[:8E&Q`(hH\%(lf96Ye8"6x|KMR[E}+
Nt/0dP`UY2sZppNcqK?=]p9)3m?$t$|+
g^!{]Q_1TjnLcLGYJ_Ddhp&h&"Er,*XS
2oe}$P_L-6<XvA@%{Tc[f|ORyRWf&6wR
You can use these two options in any combination to suit your needs:
$ ./quickpass -n 4 -l 40
>RYK`+2HTpY-`.~2Q"/#b$S'p[oxdVH$Je[ke:Mo
!H!9H|odnqKVL;t#-;?4"qURXGn)jPtsX>tBAE~+
)p(BYr6UE,Y!2y0lt{lEnUUS,=Tz+wqPK1rwr83S
@3)[Rv3fu)Ng<uqz5n.t!d798{G(;d..XVk[}C66
quickpass
is a very simple implementation of translating a sampling of random bytes from the /dev/urandom
device with tr
turning them into something that is human-readable and therefore applicable to be used as a password.
The reliability of this script lays mostly on the quality of the randomness obtained from the urandom
file: it should be noted that, despite its name, it's actually a pseudorandom generator (although it samples hardware noise to compensate).
This means that from a strict security standpoint, this is not a true random generator, although it's pretty good regardless. OpenSSL certs and PGP keys are also generated using those bits, so I guess it should be pretty reliable.
This excellent article by Aaron Toponce gives a good basis from which password strength can be measured: information entropy. Entropy for a password can be calculated like this:
H = L * log(N)/log(2)
Where L
is the length in characters and N
is the number of possibilities that a single character can be in the password. quickpass
generates passwords with all printable ASCII characters (95) with roughly the same probability of appearing (about 1.05%), which gives us a per-character entropy of 6.57 bits, but how much do we need?
Aaron gives us the answer again: any password with less than 72 bits of entropy can be brute-forced by the Bitcoin Blockchain in less than a minute, making his recommendation of 80 or more bits. The standard 32-character password generated by quickpass
has an entropy of 210 bits, so you should be pretty safe.
Remember, however, that for some weird reason a few online services put a cap on how long a password can be, forcing you to use less secure passwords. Although you can easily change that using the -l
option, remember to stay above the 80 bit threshold, which for quickpass
would be 14 characters. Anything less, and you're as vulnerable as picking passwords like monkey
.
base64
to produce printable characterstr
to produce all printable ASCII characters for a much stronger password!