There’s no shortage of ways to generate passwords on a Mac. I used to like Xyzzy, until I realised it’s really not that good. Keychain Access is fine for quickly generating one random password for, say a MySQL account, but isn’t really appropriate for creating password lists. There’s also plenty of cool tricks to generate them from within “the BSD subsystem”, but I always seem to forget them when the need comes.
So I decided to create my own password generator. My requirements were simple:
- Ability to form passwords from any word list
- A switch to set the minimum length and max count
- Support for different output separators
- CamelCase support (randomly uppercasing certain characters)
- A mapping feature (arbitrarily mapping certain characters to something else) and ASCII conversion (stripping accented characters)
The first point is very important because it allows you to create native passwords, ie use words indigenous to the language your users speak. I haven’t done the math, but a nice Finnish compound word is probably much less susceptible to a dictionary crack. Converting everything to ASCII may weaken the password, but it also makes them usable regardless of the keyboard layout.
But enough talk, some examples:
> ./passgen.php wordlist.txt Achr3n1n AHOS3N L4kk4Om3n4 An4n4sk4n3l1 AMOROS4 Astr4k44n1T B3RG1US Borgovskoj3 Ed3lM4n El14ks3l4n
That’s a password list generated from a list of different apple varieties.
Thanks to the magic of PHP’s URL wrappers we can also use a HTTP URL as the word list:
> ./passgen.php http://www.hs.fi/uutiset/ 4 4 , Uut1s3T,H3ls1Ng1n,S4NOM4T,D1g1l3hT1
You can download the script from here.