How to generate a random string?
Clash Royale CLAN TAG#URR8PPP
up vote
132
down vote
favorite
I would like to generate a random string (e.g. passwords, user names, etc.). It should be possible to specify the needed length (e.g. 13 chars).
What tools can I use?
(For security and privacy reasons, it is preferable that strings are generated off-line, as opposed to online on a website.)
password string random
add a comment |Â
up vote
132
down vote
favorite
I would like to generate a random string (e.g. passwords, user names, etc.). It should be possible to specify the needed length (e.g. 13 chars).
What tools can I use?
(For security and privacy reasons, it is preferable that strings are generated off-line, as opposed to online on a website.)
password string random
There are already good answers are at AskUbuntu. (I useapg
personally.)
â Sparhawk
Sep 20 '15 at 13:07
1
@Sparhawk The AskUbuntu question/answers are more about listing tools. Please consider adding an answer here exhibiting how to useapg
to generate a random string.
â landroni
Sep 20 '15 at 15:51
1
Be cautious about using random number generation on computers. Some are much less random than they appear, but telling the difference between 'good' and 'bad' random number generation is quite hard.
â Sobrique
Sep 21 '15 at 11:15
@Sobrique Excellent point about pseudo-random number generators (e.g./dev/urandom
). Would be nice to have some answers using true random number generators, based on e.g. random.org.
â landroni
Sep 21 '15 at 11:23
11
Joke answer: To generate a truly random string, place a new user in front of Emacs (or Vim) and ask them to exit. ;)
â Wildcard
Oct 30 '16 at 4:51
add a comment |Â
up vote
132
down vote
favorite
up vote
132
down vote
favorite
I would like to generate a random string (e.g. passwords, user names, etc.). It should be possible to specify the needed length (e.g. 13 chars).
What tools can I use?
(For security and privacy reasons, it is preferable that strings are generated off-line, as opposed to online on a website.)
password string random
I would like to generate a random string (e.g. passwords, user names, etc.). It should be possible to specify the needed length (e.g. 13 chars).
What tools can I use?
(For security and privacy reasons, it is preferable that strings are generated off-line, as opposed to online on a website.)
password string random
password string random
edited Sep 26 '15 at 7:05
asked Sep 19 '15 at 8:06
landroni
2,99582235
2,99582235
There are already good answers are at AskUbuntu. (I useapg
personally.)
â Sparhawk
Sep 20 '15 at 13:07
1
@Sparhawk The AskUbuntu question/answers are more about listing tools. Please consider adding an answer here exhibiting how to useapg
to generate a random string.
â landroni
Sep 20 '15 at 15:51
1
Be cautious about using random number generation on computers. Some are much less random than they appear, but telling the difference between 'good' and 'bad' random number generation is quite hard.
â Sobrique
Sep 21 '15 at 11:15
@Sobrique Excellent point about pseudo-random number generators (e.g./dev/urandom
). Would be nice to have some answers using true random number generators, based on e.g. random.org.
â landroni
Sep 21 '15 at 11:23
11
Joke answer: To generate a truly random string, place a new user in front of Emacs (or Vim) and ask them to exit. ;)
â Wildcard
Oct 30 '16 at 4:51
add a comment |Â
There are already good answers are at AskUbuntu. (I useapg
personally.)
â Sparhawk
Sep 20 '15 at 13:07
1
@Sparhawk The AskUbuntu question/answers are more about listing tools. Please consider adding an answer here exhibiting how to useapg
to generate a random string.
â landroni
Sep 20 '15 at 15:51
1
Be cautious about using random number generation on computers. Some are much less random than they appear, but telling the difference between 'good' and 'bad' random number generation is quite hard.
â Sobrique
Sep 21 '15 at 11:15
@Sobrique Excellent point about pseudo-random number generators (e.g./dev/urandom
). Would be nice to have some answers using true random number generators, based on e.g. random.org.
â landroni
Sep 21 '15 at 11:23
11
Joke answer: To generate a truly random string, place a new user in front of Emacs (or Vim) and ask them to exit. ;)
â Wildcard
Oct 30 '16 at 4:51
There are already good answers are at AskUbuntu. (I use
apg
personally.)â Sparhawk
Sep 20 '15 at 13:07
There are already good answers are at AskUbuntu. (I use
apg
personally.)â Sparhawk
Sep 20 '15 at 13:07
1
1
@Sparhawk The AskUbuntu question/answers are more about listing tools. Please consider adding an answer here exhibiting how to use
apg
to generate a random string.â landroni
Sep 20 '15 at 15:51
@Sparhawk The AskUbuntu question/answers are more about listing tools. Please consider adding an answer here exhibiting how to use
apg
to generate a random string.â landroni
Sep 20 '15 at 15:51
1
1
Be cautious about using random number generation on computers. Some are much less random than they appear, but telling the difference between 'good' and 'bad' random number generation is quite hard.
â Sobrique
Sep 21 '15 at 11:15
Be cautious about using random number generation on computers. Some are much less random than they appear, but telling the difference between 'good' and 'bad' random number generation is quite hard.
â Sobrique
Sep 21 '15 at 11:15
@Sobrique Excellent point about pseudo-random number generators (e.g.
/dev/urandom
). Would be nice to have some answers using true random number generators, based on e.g. random.org.â landroni
Sep 21 '15 at 11:23
@Sobrique Excellent point about pseudo-random number generators (e.g.
/dev/urandom
). Would be nice to have some answers using true random number generators, based on e.g. random.org.â landroni
Sep 21 '15 at 11:23
11
11
Joke answer: To generate a truly random string, place a new user in front of Emacs (or Vim) and ask them to exit. ;)
â Wildcard
Oct 30 '16 at 4:51
Joke answer: To generate a truly random string, place a new user in front of Emacs (or Vim) and ask them to exit. ;)
â Wildcard
Oct 30 '16 at 4:51
add a comment |Â
17 Answers
17
active
oldest
votes
up vote
121
down vote
To generate a random password you can use pwgen
:
pwgen generates random, meaningless but pronounceable passwords.
These passwords contain either only lowercase letters, or upper
and lower case mixed, or digits thrown in.
Uppercase letters and digits are placed in a way that eases
remembering their position when memorizing only the word.
Generate 7 passwords of length 13:
geek@liv-inspiron:~$ pwgen 13 7
Eu7Teadiphaec giepahl3Oyaiy iecoo9Aetaib4 phaiChae6Eivi athoo3igee8Co
Iphu4ufeDeelo aesoYi2lie9he
As mentioned in the comments, you can avoid reducing entropy by using the -s
argument (i.e. generate more secure, completely random but hard to remember passwords):
geek@liv-inspiron:~$ pwgen -s 13 7
eAfycrPlM4cYv 4MRXmZmyIVNBp D8y71iqjG7Zq7 FQRHcserl4R8O yRCUtPtV3dsqV
0vJpp2h0OrgF1 QTp7MKtJyTrjz
To generate random user names you can use gpw
:
This package generates pronounceable passwords. It uses the statistics of
three-letter combinations (trigraphs) taken from whatever dictionaries you
feed it.
Generate 7 passwords (user names) of length 13:
geek@liv-inspiron:~$ gpw 7 13
sreepoidahsas
risadiestinge
ntodynesssine
deodstestress
natinglumperm
riasigentspir
enderiferback
16
+1 for not reinventing the wheel. If you don't want the reduced entropy of the "pronounceable" constraint, simply usepwgen -s
.
â Nate Eldredge
Sep 19 '15 at 16:21
add a comment |Â
up vote
120
down vote
My favorite way to do it is by using /dev/urandom
together with tr
to delete unwanted characters. For instance, to get only digits and letters:
head /dev/urandom | tr -dc A-Za-z0-9 | head -c 13 ; echo ''
Alternatively, to include more characters from the OWASP password special characters list:
</dev/urandom tr -dc 'A-Za-z0-9!"#$%&'''()*+,-./:;<=>?@[]^_`~' | head -c 13 ; echo
If you have some problems with tr
complaining about the input, try adding LC_ALL=C
like this:
LC_ALL=C tr -dc 'A-Za-z0-9!"#$%&'''()*+,-./:;<=>?@[]^_`~' </dev/urandom | head -c 13 ; echo
13
Or do this:head /dev/urandom | tr -dc A-Za-z0-9 | head -c10
- This way is more accurate. You get 10 characters that are capitals, lowers, or digits
â Brandin
Sep 19 '15 at 8:47
7
The firsthead
command might be problematic. It will output the first 10 lines from/dev/urandom
, which means it will stop once it has seen the 10th newline. So the length of the output send to thetr
command is random. It is possible that there will be less than 13 characters in the output fromtr
. I haven't computed the probability of this happening, the calculations are a bit tricky.
â kasperd
Sep 19 '15 at 22:40
4
Better do it like this:<dev/urandom tr -dc "$charset" | head -c "$length"
â PSkocik
Sep 20 '15 at 13:06
3
+1 Here's a quick attempt to include the other characters from the OWASP password special characters page, escaped for bash command line:tr -dc A-Za-z0-9!"#$&'()*+,-./:\\;<=>?@^_`~
â Rup
Jul 28 '16 at 10:26
2
@Rup I'm not sure what's not working with yourtr ..
command but just quoting everything (except for the single quote) works âÂÂtr -dc 'A-Za-z0-9!"#$%&'''()*+,-./:;<=>?@[]^_`~'
.
â Kenny Evitt
Aug 18 '16 at 19:33
 |Â
show 11 more comments
up vote
69
down vote
I am using the openssl
command, the swiss army knife of cryptography.
openssl rand -base64 12
or
openssl rand -hex 12
6
rand -hex
will limit the output to just 16 characters, rather than the 90+ on my keyboard. base64 is better because it's 64 characters, but it's not random (e.g. there are predictable padding patterns, and perhaps some characters appear more often than others).
â Martin Tournoij
Aug 27 '16 at 17:37
@Carpetsmoker: Note that the exampleopenssl rand -base64 12
produces 16 characters of output (because 256 values are mapped to 64). And the hex example produces 24 characters. There's no loss in the case of the hex since it's a simple 1:2 mapping, but there might be a little in the base64 case since padding is used. The radix does not affect the randomness, it's the way one is mapped to another that does. (and the total bit count is much more important).
â Dennis Williamson
May 19 '17 at 20:29
The question was "How to generate a random string of a specific length" @DennisWilliamson, so while your comment is correct as such, it's not correct in the context of this question.
â Martin Tournoij
May 19 '17 at 20:31
@Carpetsmoker: In that case, neither is this answer.
â Dennis Williamson
May 19 '17 at 20:58
1
This answer deserves more upvotes. urandom, pwgen, gpw, etc may or may not be available on your system; also in different environments, a policy that works on one may not work on another. It would be a pretty dysfunctional setup to not have openssl. Even better: openssl rand -base64 32 | tr -d /=+ | cut -c -16 That'll give you 32 char minus non-alphanum's and trimmed to 16 char length. Makes it easy to deal with as an admin. Users only have alphanums (which they tend to appreciate). The length is long enough that the removal of special chars don't overly impact the entropy. Golden.
â zentechinc
Sep 5 '17 at 16:34
 |Â
show 1 more comment
up vote
11
down vote
Here is how, I do it. It generates 10 characters random string. You can optimize it by replacing the "fold", with other string processing tools.
cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 10 | head -n 1
1
+1 I like this approach, thanks. Allows to control both length and number of generated strings.
â landroni
Sep 20 '15 at 6:12
3
Achievement unlocked: Unnecessary use of cat!
â user1338062
Oct 25 '16 at 9:26
@user1338062 An unhelpful comment. OP presumably isn't running on a PDP-10 and can afford to waste the whole circa 4KB of RAM on running cat. Lots of people have explained (again and again since the mid 1980s) why they find the bash one-liner style using cat easier to read and edit.
â jwg
May 16 at 15:04
add a comment |Â
up vote
10
down vote
To generate password with the highest entropy possible with standard Linux tools that are built into every distribution I use:
< /dev/urandom tr -cd "[:print:]" | head -c 32; echo
This outputs all of the ASCII printable characters - from 32 (space) to 126 (tilde, ~
). The password length can be controlled with the head
's -c
flag. There are also other possible character sets in tr
(to not include the space, just characters 33-126, use [:graph:]
).
1
In what way is this different from the existing answers? Specifically, herbert's comes to mind.
â Fox
Apr 27 '17 at 22:40
3
@Fox His solution uses hardcoded list of characters, which is not an encouraged programming practice because of code readability, compactness and cleanliness. Also some of the special printable ASCII characters could be interpreted by bash, not to mention the most obvious drawback of his one liner - if maximum entropy is desired, can one be sure that all of the available characters are included in the list? And that there are no duplicates which could possibly alter the tr's behaviour? His answer should be replaced by mine since you asked :)
â drws
Apr 29 '17 at 13:37
2
Many if not most web sites have restrictions on the characters that can be in a password, so hard-coding '[:print:]' doesn't feel any better to me than hard-coding the OWASP password special character list. I feel that almost every answer here could be improved by using a variable, but that is such a minor change that I'd only suggest an edit
â Fox
Apr 29 '17 at 13:54
< /dev/urandom tr -cd '[:graph:]'| tr -d '\' | head -c 32; echo
if you dont want` characters in generated string.
` because is an escape character in many languages causes problems
â mzzzzb
Mar 8 at 14:36
add a comment |Â
up vote
7
down vote
Depending on the level of randomness you want, you could simply go with bash's (also zsh
and ksh
, possibly others) builtin $RANDOM
variable:
$ echo $RANDOM | tr '[0-9]' '[a-zA-Z]'
bfeci
$ echo $RANDOM | tr '[0-9]' '[a-zA-Z]'
cijjj
The methods reading directly from /dev/urandom
are far simpler, but for the sake of completion, you could also use $RANDOM
:
echo $(for((i=1;i<=13;i++)); do printf '%s' "$RANDOM:0:1"; done) | tr '[0-9]' '[a-zA-Z]'
How do you control the length of the generated string?
â landroni
Sep 19 '15 at 13:33
@landroni I don't think you can short of using a loop until you get the right length.$RANDOM
will print a number between 0 and 32767.
â terdonâ¦
Sep 19 '15 at 13:36
I've tried running the command some 20 times, and I can never get anything longer than 4-5 chars...
â landroni
Sep 19 '15 at 13:38
@landroni yes, that's what I said, it generates numbers between 0 and 32767, so 5 digits will be the max. If you need longer ones or need to be able to specify the length, please edit your question and make that clear.
â terdonâ¦
Sep 19 '15 at 14:20
2
@landroni thanks, I've added a way to specify length but it's not very good. I'd just use something likerand=$(head -c 100 /dev/urandom | tr -dc A-Za-z0-9 | head -c13)
instead.
â terdonâ¦
Sep 19 '15 at 16:12
 |Â
show 4 more comments
up vote
5
down vote
@Brandin explained in a comment to another answer how to get at most 100 bytes from /dev/urandom
using head -c 100
. Another way to do this is with dd
:
tr -dc A-Za-z0-9 < /dev/urandom | dd bs=100 count=1 2>/dev/null
The 2>/dev/null
at the end of the dd
command is to suppress the "... records in / ... records out" output.
I'm not aware of any substantial advantages/disadvantages between these two methods.
I had an issue with both methods of tr
complaining about the input. I thought this was because it didn't like receiving binary input, and hence suggested first filtering /dev/random
with iconv -c -t US
. However, Gilles suggested a different diagnosis and solution, which works for me:
LC_ALL=C tr -dc A-Za-z0-9 </dev/urandom | dd bs=100 count=1 2>/dev/null
For some reason theiconv
solution maxes one CPU core and doesn't yield an output (I waited some 10s before killing it)...
â landroni
Sep 19 '15 at 9:38
On my Ubuntu 14.04 system iconv is provided bylibc-bin
2.19. I'm not sure if it's the same iconv...
â landroni
Sep 19 '15 at 13:36
tr
supports binary input. However a range likeA-Z
may be influenced by locale settings. TryLC_ALL=C tr â¦
â Gilles
Sep 19 '15 at 20:27
@Gilles According to the POSIX spec it doesn't "support binary input". Only GNUtr
does because it doesn't support multibyte at all (e.g. last time I checked it changing case was implemented by simply setting the sixth bit of every byte). Other systems (e.g. BSD) do support multibyte and this will fail there since the chance that a random input stream is also a valid multibyte stream is very small in most encodings. GNU may add multibyte support at any given moment, at which point this will fail. Of course, settingLC_ALL=C
will fix that.
â Martin Tournoij
Aug 27 '16 at 17:33
@Carpetsmoker POSIX does requiretr
to process binary input (in the C locale). (Well, ok, it only says explicitly that null bytes are to be supported, it doesn't say that non-empty files not ending with a newline character are to be supported, but in practice that's always the case as well.)
â Gilles
Aug 27 '16 at 17:57
 |Â
show 1 more comment
up vote
3
down vote
You can use one of md5
tools that has precisely this purpose. In the case of creating a completely random password you can use the md5pass
. It is a very simple tool to use and very helpful, since you can use "normal text" together with a "salt" to jump-bit construction of the same password that you can recover afterwards, or alternatively you may want to get a completely random password all the time. The general usage is:
md5pass [password] [salt]
where password
is a chosen word that will be used for the construction of the random string and salt
is the jump in bytes to be used. Like this:
md5pass word
$1$.MUittVW$j.XDTF1QRnxqFdXRUiSLs0
This will create a "a random sequence" password for you to use. If you use no salt
, then you may not be able to recreate this same string afterwards.
However if you use a salt
like this:
md5pass word 512
$1$512$.0jcLPQ83jgszaPT8xzds0
then you can create a sequence which you can recover if you use the word in conjunction with the same salt (or jump) if it was originally defined.
When asalt
is being used, this sounds similar to the PasswordMaker approach...
â landroni
Sep 26 '15 at 8:20
-Yes May sound similar to one maker password, but the difference is that it is not a commercial program or anything, because the set of md5 tools, "md5pass, md5sum, md5sum.textutils" dealt with here are concerned and are available the system at no cost some !!!
â Paulo Maia
Sep 26 '15 at 13:17
I actually had in mind PasswordMaker, which is also open-source and non-commercial.
â landroni
Sep 26 '15 at 16:43
add a comment |Â
up vote
2
down vote
These two commands generate random passwords and passphrases, respectively.
shuf --random-source=/dev/urandom --repeat --head-count=20 file_with_characters | tr --delete 'n'
shuf --random-source=/dev/urandom --repeat --head-count=7 file_with_words | tr 'n' ' '
The password generator requires a file_with_characters containing all the characters you want the password to use, one character per line, and exactly one time each. The file must not contain blank lines, and lines must be newline-terminated.
The passphrase generator requires a file_with_words containing all the words you want the passphrase to use, one word per line, and exactly one time each. The file must not contain blank lines, and lines must be newline-terminated.
The --head-count option specifies the length of the password--in characters--or passphrase--in words.
add a comment |Â
up vote
1
down vote
Inspired by Pablo Repetto I ended up with this easy to remember solution:
shuf -zer -n20 A..Z a..z 0..9
-z avoids multi line output
-e echo the result
-r allow any character to appear multiple times
-n20 random string with a length of 20 characters
A..Z a..z 0..9 allowed char classes
shuf
is part of the linux coreutils and widely available or at least been ported.
add a comment |Â
up vote
1
down vote
APG
is the default software in linux distributions.
To generate passwords from size 5 to 10 in subsets Special, Numeric, Capital un Small, it is :
apg -MSNCL -m 5 -x 10
Returns
@OpVeyhym9
3:Glul
3DroomIc?
hed&Os0
NefIj%Ob3
35Quok}
As said by @landroni a comment.
Here are the options to generate random 14 letter passwords containing lots of special characters:apg -a1 -m14
â neuhaus
Nov 11 '17 at 19:10
add a comment |Â
up vote
0
down vote
A super easy and simple (probably more simple than you're looking for) way to achieve this would be to generate a random number in a given range, convert that number to its equivalent ASCII character, and append it to the end of a string.
Here's a basic example in Python:
import random # import random library
passFile = open("passwords.txt", 'w') # create file passwords.txt
passNum = int(input("Number of passwords: ")) # get number of passwords
passLength = int(input("Password length: ")) # get length of passwords
for i in range(passNum):
password = "" # reset password
for i in range(passLength):
num = random.randint(65, 122) # get random number
while num in range(91, 97): # Don't include punctuation
num = random.randint(65, 122)
password += chr(num) # add character to current password
passFile.write(password + "n") # add current password to file
passFile.close() # close file
EDIT: added comments, and added code to generate multiple passwords and write them to a file
2
If given the power of Python I would NOT do it in this fashion. It would be much easier to use a join on a string containing all characters valid for a password and using random to select out the characters.
â Mike McMahon
Sep 20 '15 at 5:20
better to use Python like this code.activestate.com/recipes/578468-password-generator-mkpasswd
â Grijesh Chauhan
Sep 21 '15 at 9:16
add a comment |Â
up vote
0
down vote
I maintain secpwgen
in Alpine Linux & keep the sources on my Github.
It can produce random strings or diceware phrases:
musl64 [~]$ secpwgen
USAGE: secpwgen <-p[e] | -A[adhsy] | -r | -s[e]> N
PASSPHRASE of N words from Diceware dictionary
-p generate passphrase
-pe generate enhanced (with symbols) passphrase
SKEY PASSWORD of N words from S/Key dictionary
-s generate passphrase
-se generate enhanced (with symbols) passphrase
ASCII RANDOM of N elements (at least one option MUST be present)
-A Each letter adds the following random elements in output:
a alphanumeric characters
d decimal digits
h hexadecimal digits
s special characters
y 3-4 letter syllables
RAW RANDOM
-r output BASE64 encoded string of N random BITS
-k output koremutake encoding of N random BITS
To generate a 13 character random string you would use:
musl64 [~]$ secpwgen -Aas 13
----------------
WK5#*V<]M3<CU ;ENTROPY=67.21 bits
----------------
INFO: destroying random number generator.
INFO: zeroing memory.
musl64 [~]$ secpwgen -Aa 13
----------------
GP0FIEBM9Y3BT ;ENTROPY=67.21 bits
----------------
INFO: destroying random number generator.
INFO: zeroing memory.
For users to remember a password use the diceware phrases:
musl64 [~]$ secpwgen -p 5
----------------
wq seen list n8 kerr ;ENTROPY=65.00 bits
----------------
INFO: destroying random number generator.
INFO: zeroing memory.
I personally like:
musl64 [~]$ secpwgen -r 512
----------------
h62lL7G4gwh3/j9c7YteQvVXoqJrQKKPWVR3Lt7az36DcfWZWtUgBT19iwmJBwP4UahNzPe7qYD7OcklUFpCzQ== ;ENTROPY=512.00 bits
----------------
INFO: destroying random number generator.
INFO: zeroing memory.
add a comment |Â
up vote
0
down vote
I've found that piping /dev/urandom to tr on macOS didn't work. Here's another way:
set="abcdefghijklmonpqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
n=6
rand=""
for i in `seq 1 $n`; do
char=$set:$RANDOM % $#set:1
rand+=$char
done
echo $rand
add a comment |Â
up vote
0
down vote
I use:
base64 < /dev/urandom | tr -d 'O0Il1+' | head -c 44
This gives me 57 possible characters. The string can be copy-pasted (removed +
and ) or printed and retyped as the difficult to distinguish characters (
I1lO0
) have been removed.
- 44 characters gives me: log2(5744) > 256.64 bits of entropy
- 22 characters gives me: log2(5744) > 128.32 bits of entropy
I like this because:
- it is simple to type/remember
- it uses standard system tools - no extra binaries
- doesn't "waste" much randomness (uses 89% of the random bits it receives vs ~24% for solutions directly piping to tr)
- 22 and 44 characters pair quite nicely (just above even) common power of two breakpoints
- the output can be easily selected and pasted or printed and retyped with minimal human error rates
- shorter than hex encoded (32 and 64 instead of 22 and 44) solutions such as md5sum/sha1sum, etc.
Credit to https://unix.stackexchange.com/a/230676/9583 and especially the comments for my initial inspiration.
add a comment |Â
up vote
-1
down vote
I'd like this command:
date +%s | sha256sum | base64 | head -c 12
1
I would rather use more random nanoseconds approach:date +%N
Since if you generate many users and passwords in a script, the seconds might become same for many or even for all date commands, thus producing identical passwords.
â John Mayor
Apr 28 '17 at 12:53
1
@JohnMayor: is this approach more robust:dd if=/dev/random bs=512 count=1
?
â Eugen Konkov
Apr 28 '17 at 13:48
5
This answers is highly dangerous! You generate the password(s) from a known seed which is easy to predict. I could generate all passwords generated using this method of the last years and use this list for brute forcing purposes.
â Flow
Jul 1 '17 at 17:20
add a comment |Â
up vote
-3
down vote
I go, to
http://passwordsgenerator.net/
it allows generating strings of random characters up to 2048 characters, selecting upper case, lower case, digits 0 to 9, punctuation marks, or any combination.
1
I've clarified the question to make it explicit that off-line generated strings are preferable. Generating a password directly on a website, especially if the connection is not HTTPS (as in your answer), is not secure.
â landroni
Sep 26 '15 at 7:09
Getting a random password from the internet is spectacularly stupid & naive. Someone now knows a password you are using for some service or site and unique personal details about you (IP address, browser/environment info). This site can now cross-reference the info with other data collected about you. For example, you once posted to a mailing list, your IP address is in the mailâÂÂs header, so we now have a password, name, and an email address... You are really trusting random strangers with your passwords here.
â Martin Tournoij
Aug 27 '16 at 17:35
add a comment |Â
17 Answers
17
active
oldest
votes
17 Answers
17
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
121
down vote
To generate a random password you can use pwgen
:
pwgen generates random, meaningless but pronounceable passwords.
These passwords contain either only lowercase letters, or upper
and lower case mixed, or digits thrown in.
Uppercase letters and digits are placed in a way that eases
remembering their position when memorizing only the word.
Generate 7 passwords of length 13:
geek@liv-inspiron:~$ pwgen 13 7
Eu7Teadiphaec giepahl3Oyaiy iecoo9Aetaib4 phaiChae6Eivi athoo3igee8Co
Iphu4ufeDeelo aesoYi2lie9he
As mentioned in the comments, you can avoid reducing entropy by using the -s
argument (i.e. generate more secure, completely random but hard to remember passwords):
geek@liv-inspiron:~$ pwgen -s 13 7
eAfycrPlM4cYv 4MRXmZmyIVNBp D8y71iqjG7Zq7 FQRHcserl4R8O yRCUtPtV3dsqV
0vJpp2h0OrgF1 QTp7MKtJyTrjz
To generate random user names you can use gpw
:
This package generates pronounceable passwords. It uses the statistics of
three-letter combinations (trigraphs) taken from whatever dictionaries you
feed it.
Generate 7 passwords (user names) of length 13:
geek@liv-inspiron:~$ gpw 7 13
sreepoidahsas
risadiestinge
ntodynesssine
deodstestress
natinglumperm
riasigentspir
enderiferback
16
+1 for not reinventing the wheel. If you don't want the reduced entropy of the "pronounceable" constraint, simply usepwgen -s
.
â Nate Eldredge
Sep 19 '15 at 16:21
add a comment |Â
up vote
121
down vote
To generate a random password you can use pwgen
:
pwgen generates random, meaningless but pronounceable passwords.
These passwords contain either only lowercase letters, or upper
and lower case mixed, or digits thrown in.
Uppercase letters and digits are placed in a way that eases
remembering their position when memorizing only the word.
Generate 7 passwords of length 13:
geek@liv-inspiron:~$ pwgen 13 7
Eu7Teadiphaec giepahl3Oyaiy iecoo9Aetaib4 phaiChae6Eivi athoo3igee8Co
Iphu4ufeDeelo aesoYi2lie9he
As mentioned in the comments, you can avoid reducing entropy by using the -s
argument (i.e. generate more secure, completely random but hard to remember passwords):
geek@liv-inspiron:~$ pwgen -s 13 7
eAfycrPlM4cYv 4MRXmZmyIVNBp D8y71iqjG7Zq7 FQRHcserl4R8O yRCUtPtV3dsqV
0vJpp2h0OrgF1 QTp7MKtJyTrjz
To generate random user names you can use gpw
:
This package generates pronounceable passwords. It uses the statistics of
three-letter combinations (trigraphs) taken from whatever dictionaries you
feed it.
Generate 7 passwords (user names) of length 13:
geek@liv-inspiron:~$ gpw 7 13
sreepoidahsas
risadiestinge
ntodynesssine
deodstestress
natinglumperm
riasigentspir
enderiferback
16
+1 for not reinventing the wheel. If you don't want the reduced entropy of the "pronounceable" constraint, simply usepwgen -s
.
â Nate Eldredge
Sep 19 '15 at 16:21
add a comment |Â
up vote
121
down vote
up vote
121
down vote
To generate a random password you can use pwgen
:
pwgen generates random, meaningless but pronounceable passwords.
These passwords contain either only lowercase letters, or upper
and lower case mixed, or digits thrown in.
Uppercase letters and digits are placed in a way that eases
remembering their position when memorizing only the word.
Generate 7 passwords of length 13:
geek@liv-inspiron:~$ pwgen 13 7
Eu7Teadiphaec giepahl3Oyaiy iecoo9Aetaib4 phaiChae6Eivi athoo3igee8Co
Iphu4ufeDeelo aesoYi2lie9he
As mentioned in the comments, you can avoid reducing entropy by using the -s
argument (i.e. generate more secure, completely random but hard to remember passwords):
geek@liv-inspiron:~$ pwgen -s 13 7
eAfycrPlM4cYv 4MRXmZmyIVNBp D8y71iqjG7Zq7 FQRHcserl4R8O yRCUtPtV3dsqV
0vJpp2h0OrgF1 QTp7MKtJyTrjz
To generate random user names you can use gpw
:
This package generates pronounceable passwords. It uses the statistics of
three-letter combinations (trigraphs) taken from whatever dictionaries you
feed it.
Generate 7 passwords (user names) of length 13:
geek@liv-inspiron:~$ gpw 7 13
sreepoidahsas
risadiestinge
ntodynesssine
deodstestress
natinglumperm
riasigentspir
enderiferback
To generate a random password you can use pwgen
:
pwgen generates random, meaningless but pronounceable passwords.
These passwords contain either only lowercase letters, or upper
and lower case mixed, or digits thrown in.
Uppercase letters and digits are placed in a way that eases
remembering their position when memorizing only the word.
Generate 7 passwords of length 13:
geek@liv-inspiron:~$ pwgen 13 7
Eu7Teadiphaec giepahl3Oyaiy iecoo9Aetaib4 phaiChae6Eivi athoo3igee8Co
Iphu4ufeDeelo aesoYi2lie9he
As mentioned in the comments, you can avoid reducing entropy by using the -s
argument (i.e. generate more secure, completely random but hard to remember passwords):
geek@liv-inspiron:~$ pwgen -s 13 7
eAfycrPlM4cYv 4MRXmZmyIVNBp D8y71iqjG7Zq7 FQRHcserl4R8O yRCUtPtV3dsqV
0vJpp2h0OrgF1 QTp7MKtJyTrjz
To generate random user names you can use gpw
:
This package generates pronounceable passwords. It uses the statistics of
three-letter combinations (trigraphs) taken from whatever dictionaries you
feed it.
Generate 7 passwords (user names) of length 13:
geek@liv-inspiron:~$ gpw 7 13
sreepoidahsas
risadiestinge
ntodynesssine
deodstestress
natinglumperm
riasigentspir
enderiferback
edited Sep 19 '15 at 16:52
answered Sep 19 '15 at 8:11
landroni
2,99582235
2,99582235
16
+1 for not reinventing the wheel. If you don't want the reduced entropy of the "pronounceable" constraint, simply usepwgen -s
.
â Nate Eldredge
Sep 19 '15 at 16:21
add a comment |Â
16
+1 for not reinventing the wheel. If you don't want the reduced entropy of the "pronounceable" constraint, simply usepwgen -s
.
â Nate Eldredge
Sep 19 '15 at 16:21
16
16
+1 for not reinventing the wheel. If you don't want the reduced entropy of the "pronounceable" constraint, simply use
pwgen -s
.â Nate Eldredge
Sep 19 '15 at 16:21
+1 for not reinventing the wheel. If you don't want the reduced entropy of the "pronounceable" constraint, simply use
pwgen -s
.â Nate Eldredge
Sep 19 '15 at 16:21
add a comment |Â
up vote
120
down vote
My favorite way to do it is by using /dev/urandom
together with tr
to delete unwanted characters. For instance, to get only digits and letters:
head /dev/urandom | tr -dc A-Za-z0-9 | head -c 13 ; echo ''
Alternatively, to include more characters from the OWASP password special characters list:
</dev/urandom tr -dc 'A-Za-z0-9!"#$%&'''()*+,-./:;<=>?@[]^_`~' | head -c 13 ; echo
If you have some problems with tr
complaining about the input, try adding LC_ALL=C
like this:
LC_ALL=C tr -dc 'A-Za-z0-9!"#$%&'''()*+,-./:;<=>?@[]^_`~' </dev/urandom | head -c 13 ; echo
13
Or do this:head /dev/urandom | tr -dc A-Za-z0-9 | head -c10
- This way is more accurate. You get 10 characters that are capitals, lowers, or digits
â Brandin
Sep 19 '15 at 8:47
7
The firsthead
command might be problematic. It will output the first 10 lines from/dev/urandom
, which means it will stop once it has seen the 10th newline. So the length of the output send to thetr
command is random. It is possible that there will be less than 13 characters in the output fromtr
. I haven't computed the probability of this happening, the calculations are a bit tricky.
â kasperd
Sep 19 '15 at 22:40
4
Better do it like this:<dev/urandom tr -dc "$charset" | head -c "$length"
â PSkocik
Sep 20 '15 at 13:06
3
+1 Here's a quick attempt to include the other characters from the OWASP password special characters page, escaped for bash command line:tr -dc A-Za-z0-9!"#$&'()*+,-./:\\;<=>?@^_`~
â Rup
Jul 28 '16 at 10:26
2
@Rup I'm not sure what's not working with yourtr ..
command but just quoting everything (except for the single quote) works âÂÂtr -dc 'A-Za-z0-9!"#$%&'''()*+,-./:;<=>?@[]^_`~'
.
â Kenny Evitt
Aug 18 '16 at 19:33
 |Â
show 11 more comments
up vote
120
down vote
My favorite way to do it is by using /dev/urandom
together with tr
to delete unwanted characters. For instance, to get only digits and letters:
head /dev/urandom | tr -dc A-Za-z0-9 | head -c 13 ; echo ''
Alternatively, to include more characters from the OWASP password special characters list:
</dev/urandom tr -dc 'A-Za-z0-9!"#$%&'''()*+,-./:;<=>?@[]^_`~' | head -c 13 ; echo
If you have some problems with tr
complaining about the input, try adding LC_ALL=C
like this:
LC_ALL=C tr -dc 'A-Za-z0-9!"#$%&'''()*+,-./:;<=>?@[]^_`~' </dev/urandom | head -c 13 ; echo
13
Or do this:head /dev/urandom | tr -dc A-Za-z0-9 | head -c10
- This way is more accurate. You get 10 characters that are capitals, lowers, or digits
â Brandin
Sep 19 '15 at 8:47
7
The firsthead
command might be problematic. It will output the first 10 lines from/dev/urandom
, which means it will stop once it has seen the 10th newline. So the length of the output send to thetr
command is random. It is possible that there will be less than 13 characters in the output fromtr
. I haven't computed the probability of this happening, the calculations are a bit tricky.
â kasperd
Sep 19 '15 at 22:40
4
Better do it like this:<dev/urandom tr -dc "$charset" | head -c "$length"
â PSkocik
Sep 20 '15 at 13:06
3
+1 Here's a quick attempt to include the other characters from the OWASP password special characters page, escaped for bash command line:tr -dc A-Za-z0-9!"#$&'()*+,-./:\\;<=>?@^_`~
â Rup
Jul 28 '16 at 10:26
2
@Rup I'm not sure what's not working with yourtr ..
command but just quoting everything (except for the single quote) works âÂÂtr -dc 'A-Za-z0-9!"#$%&'''()*+,-./:;<=>?@[]^_`~'
.
â Kenny Evitt
Aug 18 '16 at 19:33
 |Â
show 11 more comments
up vote
120
down vote
up vote
120
down vote
My favorite way to do it is by using /dev/urandom
together with tr
to delete unwanted characters. For instance, to get only digits and letters:
head /dev/urandom | tr -dc A-Za-z0-9 | head -c 13 ; echo ''
Alternatively, to include more characters from the OWASP password special characters list:
</dev/urandom tr -dc 'A-Za-z0-9!"#$%&'''()*+,-./:;<=>?@[]^_`~' | head -c 13 ; echo
If you have some problems with tr
complaining about the input, try adding LC_ALL=C
like this:
LC_ALL=C tr -dc 'A-Za-z0-9!"#$%&'''()*+,-./:;<=>?@[]^_`~' </dev/urandom | head -c 13 ; echo
My favorite way to do it is by using /dev/urandom
together with tr
to delete unwanted characters. For instance, to get only digits and letters:
head /dev/urandom | tr -dc A-Za-z0-9 | head -c 13 ; echo ''
Alternatively, to include more characters from the OWASP password special characters list:
</dev/urandom tr -dc 'A-Za-z0-9!"#$%&'''()*+,-./:;<=>?@[]^_`~' | head -c 13 ; echo
If you have some problems with tr
complaining about the input, try adding LC_ALL=C
like this:
LC_ALL=C tr -dc 'A-Za-z0-9!"#$%&'''()*+,-./:;<=>?@[]^_`~' </dev/urandom | head -c 13 ; echo
edited Apr 13 '17 at 12:36
Communityâ¦
1
1
answered Sep 19 '15 at 8:18
herbert
1,579148
1,579148
13
Or do this:head /dev/urandom | tr -dc A-Za-z0-9 | head -c10
- This way is more accurate. You get 10 characters that are capitals, lowers, or digits
â Brandin
Sep 19 '15 at 8:47
7
The firsthead
command might be problematic. It will output the first 10 lines from/dev/urandom
, which means it will stop once it has seen the 10th newline. So the length of the output send to thetr
command is random. It is possible that there will be less than 13 characters in the output fromtr
. I haven't computed the probability of this happening, the calculations are a bit tricky.
â kasperd
Sep 19 '15 at 22:40
4
Better do it like this:<dev/urandom tr -dc "$charset" | head -c "$length"
â PSkocik
Sep 20 '15 at 13:06
3
+1 Here's a quick attempt to include the other characters from the OWASP password special characters page, escaped for bash command line:tr -dc A-Za-z0-9!"#$&'()*+,-./:\\;<=>?@^_`~
â Rup
Jul 28 '16 at 10:26
2
@Rup I'm not sure what's not working with yourtr ..
command but just quoting everything (except for the single quote) works âÂÂtr -dc 'A-Za-z0-9!"#$%&'''()*+,-./:;<=>?@[]^_`~'
.
â Kenny Evitt
Aug 18 '16 at 19:33
 |Â
show 11 more comments
13
Or do this:head /dev/urandom | tr -dc A-Za-z0-9 | head -c10
- This way is more accurate. You get 10 characters that are capitals, lowers, or digits
â Brandin
Sep 19 '15 at 8:47
7
The firsthead
command might be problematic. It will output the first 10 lines from/dev/urandom
, which means it will stop once it has seen the 10th newline. So the length of the output send to thetr
command is random. It is possible that there will be less than 13 characters in the output fromtr
. I haven't computed the probability of this happening, the calculations are a bit tricky.
â kasperd
Sep 19 '15 at 22:40
4
Better do it like this:<dev/urandom tr -dc "$charset" | head -c "$length"
â PSkocik
Sep 20 '15 at 13:06
3
+1 Here's a quick attempt to include the other characters from the OWASP password special characters page, escaped for bash command line:tr -dc A-Za-z0-9!"#$&'()*+,-./:\\;<=>?@^_`~
â Rup
Jul 28 '16 at 10:26
2
@Rup I'm not sure what's not working with yourtr ..
command but just quoting everything (except for the single quote) works âÂÂtr -dc 'A-Za-z0-9!"#$%&'''()*+,-./:;<=>?@[]^_`~'
.
â Kenny Evitt
Aug 18 '16 at 19:33
13
13
Or do this:
head /dev/urandom | tr -dc A-Za-z0-9 | head -c10
- This way is more accurate. You get 10 characters that are capitals, lowers, or digitsâ Brandin
Sep 19 '15 at 8:47
Or do this:
head /dev/urandom | tr -dc A-Za-z0-9 | head -c10
- This way is more accurate. You get 10 characters that are capitals, lowers, or digitsâ Brandin
Sep 19 '15 at 8:47
7
7
The first
head
command might be problematic. It will output the first 10 lines from /dev/urandom
, which means it will stop once it has seen the 10th newline. So the length of the output send to the tr
command is random. It is possible that there will be less than 13 characters in the output from tr
. I haven't computed the probability of this happening, the calculations are a bit tricky.â kasperd
Sep 19 '15 at 22:40
The first
head
command might be problematic. It will output the first 10 lines from /dev/urandom
, which means it will stop once it has seen the 10th newline. So the length of the output send to the tr
command is random. It is possible that there will be less than 13 characters in the output from tr
. I haven't computed the probability of this happening, the calculations are a bit tricky.â kasperd
Sep 19 '15 at 22:40
4
4
Better do it like this:
<dev/urandom tr -dc "$charset" | head -c "$length"
â PSkocik
Sep 20 '15 at 13:06
Better do it like this:
<dev/urandom tr -dc "$charset" | head -c "$length"
â PSkocik
Sep 20 '15 at 13:06
3
3
+1 Here's a quick attempt to include the other characters from the OWASP password special characters page, escaped for bash command line:
tr -dc A-Za-z0-9!"#$&'()*+,-./:\\;<=>?@^_`~
â Rup
Jul 28 '16 at 10:26
+1 Here's a quick attempt to include the other characters from the OWASP password special characters page, escaped for bash command line:
tr -dc A-Za-z0-9!"#$&'()*+,-./:\\;<=>?@^_`~
â Rup
Jul 28 '16 at 10:26
2
2
@Rup I'm not sure what's not working with your
tr ..
command but just quoting everything (except for the single quote) works â tr -dc 'A-Za-z0-9!"#$%&'''()*+,-./:;<=>?@[]^_`~'
.â Kenny Evitt
Aug 18 '16 at 19:33
@Rup I'm not sure what's not working with your
tr ..
command but just quoting everything (except for the single quote) works â tr -dc 'A-Za-z0-9!"#$%&'''()*+,-./:;<=>?@[]^_`~'
.â Kenny Evitt
Aug 18 '16 at 19:33
 |Â
show 11 more comments
up vote
69
down vote
I am using the openssl
command, the swiss army knife of cryptography.
openssl rand -base64 12
or
openssl rand -hex 12
6
rand -hex
will limit the output to just 16 characters, rather than the 90+ on my keyboard. base64 is better because it's 64 characters, but it's not random (e.g. there are predictable padding patterns, and perhaps some characters appear more often than others).
â Martin Tournoij
Aug 27 '16 at 17:37
@Carpetsmoker: Note that the exampleopenssl rand -base64 12
produces 16 characters of output (because 256 values are mapped to 64). And the hex example produces 24 characters. There's no loss in the case of the hex since it's a simple 1:2 mapping, but there might be a little in the base64 case since padding is used. The radix does not affect the randomness, it's the way one is mapped to another that does. (and the total bit count is much more important).
â Dennis Williamson
May 19 '17 at 20:29
The question was "How to generate a random string of a specific length" @DennisWilliamson, so while your comment is correct as such, it's not correct in the context of this question.
â Martin Tournoij
May 19 '17 at 20:31
@Carpetsmoker: In that case, neither is this answer.
â Dennis Williamson
May 19 '17 at 20:58
1
This answer deserves more upvotes. urandom, pwgen, gpw, etc may or may not be available on your system; also in different environments, a policy that works on one may not work on another. It would be a pretty dysfunctional setup to not have openssl. Even better: openssl rand -base64 32 | tr -d /=+ | cut -c -16 That'll give you 32 char minus non-alphanum's and trimmed to 16 char length. Makes it easy to deal with as an admin. Users only have alphanums (which they tend to appreciate). The length is long enough that the removal of special chars don't overly impact the entropy. Golden.
â zentechinc
Sep 5 '17 at 16:34
 |Â
show 1 more comment
up vote
69
down vote
I am using the openssl
command, the swiss army knife of cryptography.
openssl rand -base64 12
or
openssl rand -hex 12
6
rand -hex
will limit the output to just 16 characters, rather than the 90+ on my keyboard. base64 is better because it's 64 characters, but it's not random (e.g. there are predictable padding patterns, and perhaps some characters appear more often than others).
â Martin Tournoij
Aug 27 '16 at 17:37
@Carpetsmoker: Note that the exampleopenssl rand -base64 12
produces 16 characters of output (because 256 values are mapped to 64). And the hex example produces 24 characters. There's no loss in the case of the hex since it's a simple 1:2 mapping, but there might be a little in the base64 case since padding is used. The radix does not affect the randomness, it's the way one is mapped to another that does. (and the total bit count is much more important).
â Dennis Williamson
May 19 '17 at 20:29
The question was "How to generate a random string of a specific length" @DennisWilliamson, so while your comment is correct as such, it's not correct in the context of this question.
â Martin Tournoij
May 19 '17 at 20:31
@Carpetsmoker: In that case, neither is this answer.
â Dennis Williamson
May 19 '17 at 20:58
1
This answer deserves more upvotes. urandom, pwgen, gpw, etc may or may not be available on your system; also in different environments, a policy that works on one may not work on another. It would be a pretty dysfunctional setup to not have openssl. Even better: openssl rand -base64 32 | tr -d /=+ | cut -c -16 That'll give you 32 char minus non-alphanum's and trimmed to 16 char length. Makes it easy to deal with as an admin. Users only have alphanums (which they tend to appreciate). The length is long enough that the removal of special chars don't overly impact the entropy. Golden.
â zentechinc
Sep 5 '17 at 16:34
 |Â
show 1 more comment
up vote
69
down vote
up vote
69
down vote
I am using the openssl
command, the swiss army knife of cryptography.
openssl rand -base64 12
or
openssl rand -hex 12
I am using the openssl
command, the swiss army knife of cryptography.
openssl rand -base64 12
or
openssl rand -hex 12
edited Aug 27 '16 at 17:29
answered Aug 27 '16 at 17:22
400 the Cat
647518
647518
6
rand -hex
will limit the output to just 16 characters, rather than the 90+ on my keyboard. base64 is better because it's 64 characters, but it's not random (e.g. there are predictable padding patterns, and perhaps some characters appear more often than others).
â Martin Tournoij
Aug 27 '16 at 17:37
@Carpetsmoker: Note that the exampleopenssl rand -base64 12
produces 16 characters of output (because 256 values are mapped to 64). And the hex example produces 24 characters. There's no loss in the case of the hex since it's a simple 1:2 mapping, but there might be a little in the base64 case since padding is used. The radix does not affect the randomness, it's the way one is mapped to another that does. (and the total bit count is much more important).
â Dennis Williamson
May 19 '17 at 20:29
The question was "How to generate a random string of a specific length" @DennisWilliamson, so while your comment is correct as such, it's not correct in the context of this question.
â Martin Tournoij
May 19 '17 at 20:31
@Carpetsmoker: In that case, neither is this answer.
â Dennis Williamson
May 19 '17 at 20:58
1
This answer deserves more upvotes. urandom, pwgen, gpw, etc may or may not be available on your system; also in different environments, a policy that works on one may not work on another. It would be a pretty dysfunctional setup to not have openssl. Even better: openssl rand -base64 32 | tr -d /=+ | cut -c -16 That'll give you 32 char minus non-alphanum's and trimmed to 16 char length. Makes it easy to deal with as an admin. Users only have alphanums (which they tend to appreciate). The length is long enough that the removal of special chars don't overly impact the entropy. Golden.
â zentechinc
Sep 5 '17 at 16:34
 |Â
show 1 more comment
6
rand -hex
will limit the output to just 16 characters, rather than the 90+ on my keyboard. base64 is better because it's 64 characters, but it's not random (e.g. there are predictable padding patterns, and perhaps some characters appear more often than others).
â Martin Tournoij
Aug 27 '16 at 17:37
@Carpetsmoker: Note that the exampleopenssl rand -base64 12
produces 16 characters of output (because 256 values are mapped to 64). And the hex example produces 24 characters. There's no loss in the case of the hex since it's a simple 1:2 mapping, but there might be a little in the base64 case since padding is used. The radix does not affect the randomness, it's the way one is mapped to another that does. (and the total bit count is much more important).
â Dennis Williamson
May 19 '17 at 20:29
The question was "How to generate a random string of a specific length" @DennisWilliamson, so while your comment is correct as such, it's not correct in the context of this question.
â Martin Tournoij
May 19 '17 at 20:31
@Carpetsmoker: In that case, neither is this answer.
â Dennis Williamson
May 19 '17 at 20:58
1
This answer deserves more upvotes. urandom, pwgen, gpw, etc may or may not be available on your system; also in different environments, a policy that works on one may not work on another. It would be a pretty dysfunctional setup to not have openssl. Even better: openssl rand -base64 32 | tr -d /=+ | cut -c -16 That'll give you 32 char minus non-alphanum's and trimmed to 16 char length. Makes it easy to deal with as an admin. Users only have alphanums (which they tend to appreciate). The length is long enough that the removal of special chars don't overly impact the entropy. Golden.
â zentechinc
Sep 5 '17 at 16:34
6
6
rand -hex
will limit the output to just 16 characters, rather than the 90+ on my keyboard. base64 is better because it's 64 characters, but it's not random (e.g. there are predictable padding patterns, and perhaps some characters appear more often than others).â Martin Tournoij
Aug 27 '16 at 17:37
rand -hex
will limit the output to just 16 characters, rather than the 90+ on my keyboard. base64 is better because it's 64 characters, but it's not random (e.g. there are predictable padding patterns, and perhaps some characters appear more often than others).â Martin Tournoij
Aug 27 '16 at 17:37
@Carpetsmoker: Note that the example
openssl rand -base64 12
produces 16 characters of output (because 256 values are mapped to 64). And the hex example produces 24 characters. There's no loss in the case of the hex since it's a simple 1:2 mapping, but there might be a little in the base64 case since padding is used. The radix does not affect the randomness, it's the way one is mapped to another that does. (and the total bit count is much more important).â Dennis Williamson
May 19 '17 at 20:29
@Carpetsmoker: Note that the example
openssl rand -base64 12
produces 16 characters of output (because 256 values are mapped to 64). And the hex example produces 24 characters. There's no loss in the case of the hex since it's a simple 1:2 mapping, but there might be a little in the base64 case since padding is used. The radix does not affect the randomness, it's the way one is mapped to another that does. (and the total bit count is much more important).â Dennis Williamson
May 19 '17 at 20:29
The question was "How to generate a random string of a specific length" @DennisWilliamson, so while your comment is correct as such, it's not correct in the context of this question.
â Martin Tournoij
May 19 '17 at 20:31
The question was "How to generate a random string of a specific length" @DennisWilliamson, so while your comment is correct as such, it's not correct in the context of this question.
â Martin Tournoij
May 19 '17 at 20:31
@Carpetsmoker: In that case, neither is this answer.
â Dennis Williamson
May 19 '17 at 20:58
@Carpetsmoker: In that case, neither is this answer.
â Dennis Williamson
May 19 '17 at 20:58
1
1
This answer deserves more upvotes. urandom, pwgen, gpw, etc may or may not be available on your system; also in different environments, a policy that works on one may not work on another. It would be a pretty dysfunctional setup to not have openssl. Even better: openssl rand -base64 32 | tr -d /=+ | cut -c -16 That'll give you 32 char minus non-alphanum's and trimmed to 16 char length. Makes it easy to deal with as an admin. Users only have alphanums (which they tend to appreciate). The length is long enough that the removal of special chars don't overly impact the entropy. Golden.
â zentechinc
Sep 5 '17 at 16:34
This answer deserves more upvotes. urandom, pwgen, gpw, etc may or may not be available on your system; also in different environments, a policy that works on one may not work on another. It would be a pretty dysfunctional setup to not have openssl. Even better: openssl rand -base64 32 | tr -d /=+ | cut -c -16 That'll give you 32 char minus non-alphanum's and trimmed to 16 char length. Makes it easy to deal with as an admin. Users only have alphanums (which they tend to appreciate). The length is long enough that the removal of special chars don't overly impact the entropy. Golden.
â zentechinc
Sep 5 '17 at 16:34
 |Â
show 1 more comment
up vote
11
down vote
Here is how, I do it. It generates 10 characters random string. You can optimize it by replacing the "fold", with other string processing tools.
cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 10 | head -n 1
1
+1 I like this approach, thanks. Allows to control both length and number of generated strings.
â landroni
Sep 20 '15 at 6:12
3
Achievement unlocked: Unnecessary use of cat!
â user1338062
Oct 25 '16 at 9:26
@user1338062 An unhelpful comment. OP presumably isn't running on a PDP-10 and can afford to waste the whole circa 4KB of RAM on running cat. Lots of people have explained (again and again since the mid 1980s) why they find the bash one-liner style using cat easier to read and edit.
â jwg
May 16 at 15:04
add a comment |Â
up vote
11
down vote
Here is how, I do it. It generates 10 characters random string. You can optimize it by replacing the "fold", with other string processing tools.
cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 10 | head -n 1
1
+1 I like this approach, thanks. Allows to control both length and number of generated strings.
â landroni
Sep 20 '15 at 6:12
3
Achievement unlocked: Unnecessary use of cat!
â user1338062
Oct 25 '16 at 9:26
@user1338062 An unhelpful comment. OP presumably isn't running on a PDP-10 and can afford to waste the whole circa 4KB of RAM on running cat. Lots of people have explained (again and again since the mid 1980s) why they find the bash one-liner style using cat easier to read and edit.
â jwg
May 16 at 15:04
add a comment |Â
up vote
11
down vote
up vote
11
down vote
Here is how, I do it. It generates 10 characters random string. You can optimize it by replacing the "fold", with other string processing tools.
cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 10 | head -n 1
Here is how, I do it. It generates 10 characters random string. You can optimize it by replacing the "fold", with other string processing tools.
cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 10 | head -n 1
answered Sep 20 '15 at 0:16
x1b2j
33413
33413
1
+1 I like this approach, thanks. Allows to control both length and number of generated strings.
â landroni
Sep 20 '15 at 6:12
3
Achievement unlocked: Unnecessary use of cat!
â user1338062
Oct 25 '16 at 9:26
@user1338062 An unhelpful comment. OP presumably isn't running on a PDP-10 and can afford to waste the whole circa 4KB of RAM on running cat. Lots of people have explained (again and again since the mid 1980s) why they find the bash one-liner style using cat easier to read and edit.
â jwg
May 16 at 15:04
add a comment |Â
1
+1 I like this approach, thanks. Allows to control both length and number of generated strings.
â landroni
Sep 20 '15 at 6:12
3
Achievement unlocked: Unnecessary use of cat!
â user1338062
Oct 25 '16 at 9:26
@user1338062 An unhelpful comment. OP presumably isn't running on a PDP-10 and can afford to waste the whole circa 4KB of RAM on running cat. Lots of people have explained (again and again since the mid 1980s) why they find the bash one-liner style using cat easier to read and edit.
â jwg
May 16 at 15:04
1
1
+1 I like this approach, thanks. Allows to control both length and number of generated strings.
â landroni
Sep 20 '15 at 6:12
+1 I like this approach, thanks. Allows to control both length and number of generated strings.
â landroni
Sep 20 '15 at 6:12
3
3
Achievement unlocked: Unnecessary use of cat!
â user1338062
Oct 25 '16 at 9:26
Achievement unlocked: Unnecessary use of cat!
â user1338062
Oct 25 '16 at 9:26
@user1338062 An unhelpful comment. OP presumably isn't running on a PDP-10 and can afford to waste the whole circa 4KB of RAM on running cat. Lots of people have explained (again and again since the mid 1980s) why they find the bash one-liner style using cat easier to read and edit.
â jwg
May 16 at 15:04
@user1338062 An unhelpful comment. OP presumably isn't running on a PDP-10 and can afford to waste the whole circa 4KB of RAM on running cat. Lots of people have explained (again and again since the mid 1980s) why they find the bash one-liner style using cat easier to read and edit.
â jwg
May 16 at 15:04
add a comment |Â
up vote
10
down vote
To generate password with the highest entropy possible with standard Linux tools that are built into every distribution I use:
< /dev/urandom tr -cd "[:print:]" | head -c 32; echo
This outputs all of the ASCII printable characters - from 32 (space) to 126 (tilde, ~
). The password length can be controlled with the head
's -c
flag. There are also other possible character sets in tr
(to not include the space, just characters 33-126, use [:graph:]
).
1
In what way is this different from the existing answers? Specifically, herbert's comes to mind.
â Fox
Apr 27 '17 at 22:40
3
@Fox His solution uses hardcoded list of characters, which is not an encouraged programming practice because of code readability, compactness and cleanliness. Also some of the special printable ASCII characters could be interpreted by bash, not to mention the most obvious drawback of his one liner - if maximum entropy is desired, can one be sure that all of the available characters are included in the list? And that there are no duplicates which could possibly alter the tr's behaviour? His answer should be replaced by mine since you asked :)
â drws
Apr 29 '17 at 13:37
2
Many if not most web sites have restrictions on the characters that can be in a password, so hard-coding '[:print:]' doesn't feel any better to me than hard-coding the OWASP password special character list. I feel that almost every answer here could be improved by using a variable, but that is such a minor change that I'd only suggest an edit
â Fox
Apr 29 '17 at 13:54
< /dev/urandom tr -cd '[:graph:]'| tr -d '\' | head -c 32; echo
if you dont want` characters in generated string.
` because is an escape character in many languages causes problems
â mzzzzb
Mar 8 at 14:36
add a comment |Â
up vote
10
down vote
To generate password with the highest entropy possible with standard Linux tools that are built into every distribution I use:
< /dev/urandom tr -cd "[:print:]" | head -c 32; echo
This outputs all of the ASCII printable characters - from 32 (space) to 126 (tilde, ~
). The password length can be controlled with the head
's -c
flag. There are also other possible character sets in tr
(to not include the space, just characters 33-126, use [:graph:]
).
1
In what way is this different from the existing answers? Specifically, herbert's comes to mind.
â Fox
Apr 27 '17 at 22:40
3
@Fox His solution uses hardcoded list of characters, which is not an encouraged programming practice because of code readability, compactness and cleanliness. Also some of the special printable ASCII characters could be interpreted by bash, not to mention the most obvious drawback of his one liner - if maximum entropy is desired, can one be sure that all of the available characters are included in the list? And that there are no duplicates which could possibly alter the tr's behaviour? His answer should be replaced by mine since you asked :)
â drws
Apr 29 '17 at 13:37
2
Many if not most web sites have restrictions on the characters that can be in a password, so hard-coding '[:print:]' doesn't feel any better to me than hard-coding the OWASP password special character list. I feel that almost every answer here could be improved by using a variable, but that is such a minor change that I'd only suggest an edit
â Fox
Apr 29 '17 at 13:54
< /dev/urandom tr -cd '[:graph:]'| tr -d '\' | head -c 32; echo
if you dont want` characters in generated string.
` because is an escape character in many languages causes problems
â mzzzzb
Mar 8 at 14:36
add a comment |Â
up vote
10
down vote
up vote
10
down vote
To generate password with the highest entropy possible with standard Linux tools that are built into every distribution I use:
< /dev/urandom tr -cd "[:print:]" | head -c 32; echo
This outputs all of the ASCII printable characters - from 32 (space) to 126 (tilde, ~
). The password length can be controlled with the head
's -c
flag. There are also other possible character sets in tr
(to not include the space, just characters 33-126, use [:graph:]
).
To generate password with the highest entropy possible with standard Linux tools that are built into every distribution I use:
< /dev/urandom tr -cd "[:print:]" | head -c 32; echo
This outputs all of the ASCII printable characters - from 32 (space) to 126 (tilde, ~
). The password length can be controlled with the head
's -c
flag. There are also other possible character sets in tr
(to not include the space, just characters 33-126, use [:graph:]
).
answered Apr 27 '17 at 22:24
drws
10113
10113
1
In what way is this different from the existing answers? Specifically, herbert's comes to mind.
â Fox
Apr 27 '17 at 22:40
3
@Fox His solution uses hardcoded list of characters, which is not an encouraged programming practice because of code readability, compactness and cleanliness. Also some of the special printable ASCII characters could be interpreted by bash, not to mention the most obvious drawback of his one liner - if maximum entropy is desired, can one be sure that all of the available characters are included in the list? And that there are no duplicates which could possibly alter the tr's behaviour? His answer should be replaced by mine since you asked :)
â drws
Apr 29 '17 at 13:37
2
Many if not most web sites have restrictions on the characters that can be in a password, so hard-coding '[:print:]' doesn't feel any better to me than hard-coding the OWASP password special character list. I feel that almost every answer here could be improved by using a variable, but that is such a minor change that I'd only suggest an edit
â Fox
Apr 29 '17 at 13:54
< /dev/urandom tr -cd '[:graph:]'| tr -d '\' | head -c 32; echo
if you dont want` characters in generated string.
` because is an escape character in many languages causes problems
â mzzzzb
Mar 8 at 14:36
add a comment |Â
1
In what way is this different from the existing answers? Specifically, herbert's comes to mind.
â Fox
Apr 27 '17 at 22:40
3
@Fox His solution uses hardcoded list of characters, which is not an encouraged programming practice because of code readability, compactness and cleanliness. Also some of the special printable ASCII characters could be interpreted by bash, not to mention the most obvious drawback of his one liner - if maximum entropy is desired, can one be sure that all of the available characters are included in the list? And that there are no duplicates which could possibly alter the tr's behaviour? His answer should be replaced by mine since you asked :)
â drws
Apr 29 '17 at 13:37
2
Many if not most web sites have restrictions on the characters that can be in a password, so hard-coding '[:print:]' doesn't feel any better to me than hard-coding the OWASP password special character list. I feel that almost every answer here could be improved by using a variable, but that is such a minor change that I'd only suggest an edit
â Fox
Apr 29 '17 at 13:54
< /dev/urandom tr -cd '[:graph:]'| tr -d '\' | head -c 32; echo
if you dont want` characters in generated string.
` because is an escape character in many languages causes problems
â mzzzzb
Mar 8 at 14:36
1
1
In what way is this different from the existing answers? Specifically, herbert's comes to mind.
â Fox
Apr 27 '17 at 22:40
In what way is this different from the existing answers? Specifically, herbert's comes to mind.
â Fox
Apr 27 '17 at 22:40
3
3
@Fox His solution uses hardcoded list of characters, which is not an encouraged programming practice because of code readability, compactness and cleanliness. Also some of the special printable ASCII characters could be interpreted by bash, not to mention the most obvious drawback of his one liner - if maximum entropy is desired, can one be sure that all of the available characters are included in the list? And that there are no duplicates which could possibly alter the tr's behaviour? His answer should be replaced by mine since you asked :)
â drws
Apr 29 '17 at 13:37
@Fox His solution uses hardcoded list of characters, which is not an encouraged programming practice because of code readability, compactness and cleanliness. Also some of the special printable ASCII characters could be interpreted by bash, not to mention the most obvious drawback of his one liner - if maximum entropy is desired, can one be sure that all of the available characters are included in the list? And that there are no duplicates which could possibly alter the tr's behaviour? His answer should be replaced by mine since you asked :)
â drws
Apr 29 '17 at 13:37
2
2
Many if not most web sites have restrictions on the characters that can be in a password, so hard-coding '[:print:]' doesn't feel any better to me than hard-coding the OWASP password special character list. I feel that almost every answer here could be improved by using a variable, but that is such a minor change that I'd only suggest an edit
â Fox
Apr 29 '17 at 13:54
Many if not most web sites have restrictions on the characters that can be in a password, so hard-coding '[:print:]' doesn't feel any better to me than hard-coding the OWASP password special character list. I feel that almost every answer here could be improved by using a variable, but that is such a minor change that I'd only suggest an edit
â Fox
Apr 29 '17 at 13:54
< /dev/urandom tr -cd '[:graph:]'| tr -d '\' | head -c 32; echo
if you dont want ` characters in generated string.
` because is an escape character in many languages causes problemsâ mzzzzb
Mar 8 at 14:36
< /dev/urandom tr -cd '[:graph:]'| tr -d '\' | head -c 32; echo
if you dont want ` characters in generated string.
` because is an escape character in many languages causes problemsâ mzzzzb
Mar 8 at 14:36
add a comment |Â
up vote
7
down vote
Depending on the level of randomness you want, you could simply go with bash's (also zsh
and ksh
, possibly others) builtin $RANDOM
variable:
$ echo $RANDOM | tr '[0-9]' '[a-zA-Z]'
bfeci
$ echo $RANDOM | tr '[0-9]' '[a-zA-Z]'
cijjj
The methods reading directly from /dev/urandom
are far simpler, but for the sake of completion, you could also use $RANDOM
:
echo $(for((i=1;i<=13;i++)); do printf '%s' "$RANDOM:0:1"; done) | tr '[0-9]' '[a-zA-Z]'
How do you control the length of the generated string?
â landroni
Sep 19 '15 at 13:33
@landroni I don't think you can short of using a loop until you get the right length.$RANDOM
will print a number between 0 and 32767.
â terdonâ¦
Sep 19 '15 at 13:36
I've tried running the command some 20 times, and I can never get anything longer than 4-5 chars...
â landroni
Sep 19 '15 at 13:38
@landroni yes, that's what I said, it generates numbers between 0 and 32767, so 5 digits will be the max. If you need longer ones or need to be able to specify the length, please edit your question and make that clear.
â terdonâ¦
Sep 19 '15 at 14:20
2
@landroni thanks, I've added a way to specify length but it's not very good. I'd just use something likerand=$(head -c 100 /dev/urandom | tr -dc A-Za-z0-9 | head -c13)
instead.
â terdonâ¦
Sep 19 '15 at 16:12
 |Â
show 4 more comments
up vote
7
down vote
Depending on the level of randomness you want, you could simply go with bash's (also zsh
and ksh
, possibly others) builtin $RANDOM
variable:
$ echo $RANDOM | tr '[0-9]' '[a-zA-Z]'
bfeci
$ echo $RANDOM | tr '[0-9]' '[a-zA-Z]'
cijjj
The methods reading directly from /dev/urandom
are far simpler, but for the sake of completion, you could also use $RANDOM
:
echo $(for((i=1;i<=13;i++)); do printf '%s' "$RANDOM:0:1"; done) | tr '[0-9]' '[a-zA-Z]'
How do you control the length of the generated string?
â landroni
Sep 19 '15 at 13:33
@landroni I don't think you can short of using a loop until you get the right length.$RANDOM
will print a number between 0 and 32767.
â terdonâ¦
Sep 19 '15 at 13:36
I've tried running the command some 20 times, and I can never get anything longer than 4-5 chars...
â landroni
Sep 19 '15 at 13:38
@landroni yes, that's what I said, it generates numbers between 0 and 32767, so 5 digits will be the max. If you need longer ones or need to be able to specify the length, please edit your question and make that clear.
â terdonâ¦
Sep 19 '15 at 14:20
2
@landroni thanks, I've added a way to specify length but it's not very good. I'd just use something likerand=$(head -c 100 /dev/urandom | tr -dc A-Za-z0-9 | head -c13)
instead.
â terdonâ¦
Sep 19 '15 at 16:12
 |Â
show 4 more comments
up vote
7
down vote
up vote
7
down vote
Depending on the level of randomness you want, you could simply go with bash's (also zsh
and ksh
, possibly others) builtin $RANDOM
variable:
$ echo $RANDOM | tr '[0-9]' '[a-zA-Z]'
bfeci
$ echo $RANDOM | tr '[0-9]' '[a-zA-Z]'
cijjj
The methods reading directly from /dev/urandom
are far simpler, but for the sake of completion, you could also use $RANDOM
:
echo $(for((i=1;i<=13;i++)); do printf '%s' "$RANDOM:0:1"; done) | tr '[0-9]' '[a-zA-Z]'
Depending on the level of randomness you want, you could simply go with bash's (also zsh
and ksh
, possibly others) builtin $RANDOM
variable:
$ echo $RANDOM | tr '[0-9]' '[a-zA-Z]'
bfeci
$ echo $RANDOM | tr '[0-9]' '[a-zA-Z]'
cijjj
The methods reading directly from /dev/urandom
are far simpler, but for the sake of completion, you could also use $RANDOM
:
echo $(for((i=1;i<=13;i++)); do printf '%s' "$RANDOM:0:1"; done) | tr '[0-9]' '[a-zA-Z]'
edited Sep 19 '15 at 16:09
answered Sep 19 '15 at 13:08
terdonâ¦
124k29236414
124k29236414
How do you control the length of the generated string?
â landroni
Sep 19 '15 at 13:33
@landroni I don't think you can short of using a loop until you get the right length.$RANDOM
will print a number between 0 and 32767.
â terdonâ¦
Sep 19 '15 at 13:36
I've tried running the command some 20 times, and I can never get anything longer than 4-5 chars...
â landroni
Sep 19 '15 at 13:38
@landroni yes, that's what I said, it generates numbers between 0 and 32767, so 5 digits will be the max. If you need longer ones or need to be able to specify the length, please edit your question and make that clear.
â terdonâ¦
Sep 19 '15 at 14:20
2
@landroni thanks, I've added a way to specify length but it's not very good. I'd just use something likerand=$(head -c 100 /dev/urandom | tr -dc A-Za-z0-9 | head -c13)
instead.
â terdonâ¦
Sep 19 '15 at 16:12
 |Â
show 4 more comments
How do you control the length of the generated string?
â landroni
Sep 19 '15 at 13:33
@landroni I don't think you can short of using a loop until you get the right length.$RANDOM
will print a number between 0 and 32767.
â terdonâ¦
Sep 19 '15 at 13:36
I've tried running the command some 20 times, and I can never get anything longer than 4-5 chars...
â landroni
Sep 19 '15 at 13:38
@landroni yes, that's what I said, it generates numbers between 0 and 32767, so 5 digits will be the max. If you need longer ones or need to be able to specify the length, please edit your question and make that clear.
â terdonâ¦
Sep 19 '15 at 14:20
2
@landroni thanks, I've added a way to specify length but it's not very good. I'd just use something likerand=$(head -c 100 /dev/urandom | tr -dc A-Za-z0-9 | head -c13)
instead.
â terdonâ¦
Sep 19 '15 at 16:12
How do you control the length of the generated string?
â landroni
Sep 19 '15 at 13:33
How do you control the length of the generated string?
â landroni
Sep 19 '15 at 13:33
@landroni I don't think you can short of using a loop until you get the right length.
$RANDOM
will print a number between 0 and 32767.â terdonâ¦
Sep 19 '15 at 13:36
@landroni I don't think you can short of using a loop until you get the right length.
$RANDOM
will print a number between 0 and 32767.â terdonâ¦
Sep 19 '15 at 13:36
I've tried running the command some 20 times, and I can never get anything longer than 4-5 chars...
â landroni
Sep 19 '15 at 13:38
I've tried running the command some 20 times, and I can never get anything longer than 4-5 chars...
â landroni
Sep 19 '15 at 13:38
@landroni yes, that's what I said, it generates numbers between 0 and 32767, so 5 digits will be the max. If you need longer ones or need to be able to specify the length, please edit your question and make that clear.
â terdonâ¦
Sep 19 '15 at 14:20
@landroni yes, that's what I said, it generates numbers between 0 and 32767, so 5 digits will be the max. If you need longer ones or need to be able to specify the length, please edit your question and make that clear.
â terdonâ¦
Sep 19 '15 at 14:20
2
2
@landroni thanks, I've added a way to specify length but it's not very good. I'd just use something like
rand=$(head -c 100 /dev/urandom | tr -dc A-Za-z0-9 | head -c13)
instead.â terdonâ¦
Sep 19 '15 at 16:12
@landroni thanks, I've added a way to specify length but it's not very good. I'd just use something like
rand=$(head -c 100 /dev/urandom | tr -dc A-Za-z0-9 | head -c13)
instead.â terdonâ¦
Sep 19 '15 at 16:12
 |Â
show 4 more comments
up vote
5
down vote
@Brandin explained in a comment to another answer how to get at most 100 bytes from /dev/urandom
using head -c 100
. Another way to do this is with dd
:
tr -dc A-Za-z0-9 < /dev/urandom | dd bs=100 count=1 2>/dev/null
The 2>/dev/null
at the end of the dd
command is to suppress the "... records in / ... records out" output.
I'm not aware of any substantial advantages/disadvantages between these two methods.
I had an issue with both methods of tr
complaining about the input. I thought this was because it didn't like receiving binary input, and hence suggested first filtering /dev/random
with iconv -c -t US
. However, Gilles suggested a different diagnosis and solution, which works for me:
LC_ALL=C tr -dc A-Za-z0-9 </dev/urandom | dd bs=100 count=1 2>/dev/null
For some reason theiconv
solution maxes one CPU core and doesn't yield an output (I waited some 10s before killing it)...
â landroni
Sep 19 '15 at 9:38
On my Ubuntu 14.04 system iconv is provided bylibc-bin
2.19. I'm not sure if it's the same iconv...
â landroni
Sep 19 '15 at 13:36
tr
supports binary input. However a range likeA-Z
may be influenced by locale settings. TryLC_ALL=C tr â¦
â Gilles
Sep 19 '15 at 20:27
@Gilles According to the POSIX spec it doesn't "support binary input". Only GNUtr
does because it doesn't support multibyte at all (e.g. last time I checked it changing case was implemented by simply setting the sixth bit of every byte). Other systems (e.g. BSD) do support multibyte and this will fail there since the chance that a random input stream is also a valid multibyte stream is very small in most encodings. GNU may add multibyte support at any given moment, at which point this will fail. Of course, settingLC_ALL=C
will fix that.
â Martin Tournoij
Aug 27 '16 at 17:33
@Carpetsmoker POSIX does requiretr
to process binary input (in the C locale). (Well, ok, it only says explicitly that null bytes are to be supported, it doesn't say that non-empty files not ending with a newline character are to be supported, but in practice that's always the case as well.)
â Gilles
Aug 27 '16 at 17:57
 |Â
show 1 more comment
up vote
5
down vote
@Brandin explained in a comment to another answer how to get at most 100 bytes from /dev/urandom
using head -c 100
. Another way to do this is with dd
:
tr -dc A-Za-z0-9 < /dev/urandom | dd bs=100 count=1 2>/dev/null
The 2>/dev/null
at the end of the dd
command is to suppress the "... records in / ... records out" output.
I'm not aware of any substantial advantages/disadvantages between these two methods.
I had an issue with both methods of tr
complaining about the input. I thought this was because it didn't like receiving binary input, and hence suggested first filtering /dev/random
with iconv -c -t US
. However, Gilles suggested a different diagnosis and solution, which works for me:
LC_ALL=C tr -dc A-Za-z0-9 </dev/urandom | dd bs=100 count=1 2>/dev/null
For some reason theiconv
solution maxes one CPU core and doesn't yield an output (I waited some 10s before killing it)...
â landroni
Sep 19 '15 at 9:38
On my Ubuntu 14.04 system iconv is provided bylibc-bin
2.19. I'm not sure if it's the same iconv...
â landroni
Sep 19 '15 at 13:36
tr
supports binary input. However a range likeA-Z
may be influenced by locale settings. TryLC_ALL=C tr â¦
â Gilles
Sep 19 '15 at 20:27
@Gilles According to the POSIX spec it doesn't "support binary input". Only GNUtr
does because it doesn't support multibyte at all (e.g. last time I checked it changing case was implemented by simply setting the sixth bit of every byte). Other systems (e.g. BSD) do support multibyte and this will fail there since the chance that a random input stream is also a valid multibyte stream is very small in most encodings. GNU may add multibyte support at any given moment, at which point this will fail. Of course, settingLC_ALL=C
will fix that.
â Martin Tournoij
Aug 27 '16 at 17:33
@Carpetsmoker POSIX does requiretr
to process binary input (in the C locale). (Well, ok, it only says explicitly that null bytes are to be supported, it doesn't say that non-empty files not ending with a newline character are to be supported, but in practice that's always the case as well.)
â Gilles
Aug 27 '16 at 17:57
 |Â
show 1 more comment
up vote
5
down vote
up vote
5
down vote
@Brandin explained in a comment to another answer how to get at most 100 bytes from /dev/urandom
using head -c 100
. Another way to do this is with dd
:
tr -dc A-Za-z0-9 < /dev/urandom | dd bs=100 count=1 2>/dev/null
The 2>/dev/null
at the end of the dd
command is to suppress the "... records in / ... records out" output.
I'm not aware of any substantial advantages/disadvantages between these two methods.
I had an issue with both methods of tr
complaining about the input. I thought this was because it didn't like receiving binary input, and hence suggested first filtering /dev/random
with iconv -c -t US
. However, Gilles suggested a different diagnosis and solution, which works for me:
LC_ALL=C tr -dc A-Za-z0-9 </dev/urandom | dd bs=100 count=1 2>/dev/null
@Brandin explained in a comment to another answer how to get at most 100 bytes from /dev/urandom
using head -c 100
. Another way to do this is with dd
:
tr -dc A-Za-z0-9 < /dev/urandom | dd bs=100 count=1 2>/dev/null
The 2>/dev/null
at the end of the dd
command is to suppress the "... records in / ... records out" output.
I'm not aware of any substantial advantages/disadvantages between these two methods.
I had an issue with both methods of tr
complaining about the input. I thought this was because it didn't like receiving binary input, and hence suggested first filtering /dev/random
with iconv -c -t US
. However, Gilles suggested a different diagnosis and solution, which works for me:
LC_ALL=C tr -dc A-Za-z0-9 </dev/urandom | dd bs=100 count=1 2>/dev/null
edited Sep 20 '15 at 12:54
answered Sep 19 '15 at 9:18
dubiousjim
1,9581223
1,9581223
For some reason theiconv
solution maxes one CPU core and doesn't yield an output (I waited some 10s before killing it)...
â landroni
Sep 19 '15 at 9:38
On my Ubuntu 14.04 system iconv is provided bylibc-bin
2.19. I'm not sure if it's the same iconv...
â landroni
Sep 19 '15 at 13:36
tr
supports binary input. However a range likeA-Z
may be influenced by locale settings. TryLC_ALL=C tr â¦
â Gilles
Sep 19 '15 at 20:27
@Gilles According to the POSIX spec it doesn't "support binary input". Only GNUtr
does because it doesn't support multibyte at all (e.g. last time I checked it changing case was implemented by simply setting the sixth bit of every byte). Other systems (e.g. BSD) do support multibyte and this will fail there since the chance that a random input stream is also a valid multibyte stream is very small in most encodings. GNU may add multibyte support at any given moment, at which point this will fail. Of course, settingLC_ALL=C
will fix that.
â Martin Tournoij
Aug 27 '16 at 17:33
@Carpetsmoker POSIX does requiretr
to process binary input (in the C locale). (Well, ok, it only says explicitly that null bytes are to be supported, it doesn't say that non-empty files not ending with a newline character are to be supported, but in practice that's always the case as well.)
â Gilles
Aug 27 '16 at 17:57
 |Â
show 1 more comment
For some reason theiconv
solution maxes one CPU core and doesn't yield an output (I waited some 10s before killing it)...
â landroni
Sep 19 '15 at 9:38
On my Ubuntu 14.04 system iconv is provided bylibc-bin
2.19. I'm not sure if it's the same iconv...
â landroni
Sep 19 '15 at 13:36
tr
supports binary input. However a range likeA-Z
may be influenced by locale settings. TryLC_ALL=C tr â¦
â Gilles
Sep 19 '15 at 20:27
@Gilles According to the POSIX spec it doesn't "support binary input". Only GNUtr
does because it doesn't support multibyte at all (e.g. last time I checked it changing case was implemented by simply setting the sixth bit of every byte). Other systems (e.g. BSD) do support multibyte and this will fail there since the chance that a random input stream is also a valid multibyte stream is very small in most encodings. GNU may add multibyte support at any given moment, at which point this will fail. Of course, settingLC_ALL=C
will fix that.
â Martin Tournoij
Aug 27 '16 at 17:33
@Carpetsmoker POSIX does requiretr
to process binary input (in the C locale). (Well, ok, it only says explicitly that null bytes are to be supported, it doesn't say that non-empty files not ending with a newline character are to be supported, but in practice that's always the case as well.)
â Gilles
Aug 27 '16 at 17:57
For some reason the
iconv
solution maxes one CPU core and doesn't yield an output (I waited some 10s before killing it)...â landroni
Sep 19 '15 at 9:38
For some reason the
iconv
solution maxes one CPU core and doesn't yield an output (I waited some 10s before killing it)...â landroni
Sep 19 '15 at 9:38
On my Ubuntu 14.04 system iconv is provided by
libc-bin
2.19. I'm not sure if it's the same iconv...â landroni
Sep 19 '15 at 13:36
On my Ubuntu 14.04 system iconv is provided by
libc-bin
2.19. I'm not sure if it's the same iconv...â landroni
Sep 19 '15 at 13:36
tr
supports binary input. However a range like A-Z
may be influenced by locale settings. Try LC_ALL=C tr â¦
â Gilles
Sep 19 '15 at 20:27
tr
supports binary input. However a range like A-Z
may be influenced by locale settings. Try LC_ALL=C tr â¦
â Gilles
Sep 19 '15 at 20:27
@Gilles According to the POSIX spec it doesn't "support binary input". Only GNU
tr
does because it doesn't support multibyte at all (e.g. last time I checked it changing case was implemented by simply setting the sixth bit of every byte). Other systems (e.g. BSD) do support multibyte and this will fail there since the chance that a random input stream is also a valid multibyte stream is very small in most encodings. GNU may add multibyte support at any given moment, at which point this will fail. Of course, setting LC_ALL=C
will fix that.â Martin Tournoij
Aug 27 '16 at 17:33
@Gilles According to the POSIX spec it doesn't "support binary input". Only GNU
tr
does because it doesn't support multibyte at all (e.g. last time I checked it changing case was implemented by simply setting the sixth bit of every byte). Other systems (e.g. BSD) do support multibyte and this will fail there since the chance that a random input stream is also a valid multibyte stream is very small in most encodings. GNU may add multibyte support at any given moment, at which point this will fail. Of course, setting LC_ALL=C
will fix that.â Martin Tournoij
Aug 27 '16 at 17:33
@Carpetsmoker POSIX does require
tr
to process binary input (in the C locale). (Well, ok, it only says explicitly that null bytes are to be supported, it doesn't say that non-empty files not ending with a newline character are to be supported, but in practice that's always the case as well.)â Gilles
Aug 27 '16 at 17:57
@Carpetsmoker POSIX does require
tr
to process binary input (in the C locale). (Well, ok, it only says explicitly that null bytes are to be supported, it doesn't say that non-empty files not ending with a newline character are to be supported, but in practice that's always the case as well.)â Gilles
Aug 27 '16 at 17:57
 |Â
show 1 more comment
up vote
3
down vote
You can use one of md5
tools that has precisely this purpose. In the case of creating a completely random password you can use the md5pass
. It is a very simple tool to use and very helpful, since you can use "normal text" together with a "salt" to jump-bit construction of the same password that you can recover afterwards, or alternatively you may want to get a completely random password all the time. The general usage is:
md5pass [password] [salt]
where password
is a chosen word that will be used for the construction of the random string and salt
is the jump in bytes to be used. Like this:
md5pass word
$1$.MUittVW$j.XDTF1QRnxqFdXRUiSLs0
This will create a "a random sequence" password for you to use. If you use no salt
, then you may not be able to recreate this same string afterwards.
However if you use a salt
like this:
md5pass word 512
$1$512$.0jcLPQ83jgszaPT8xzds0
then you can create a sequence which you can recover if you use the word in conjunction with the same salt (or jump) if it was originally defined.
When asalt
is being used, this sounds similar to the PasswordMaker approach...
â landroni
Sep 26 '15 at 8:20
-Yes May sound similar to one maker password, but the difference is that it is not a commercial program or anything, because the set of md5 tools, "md5pass, md5sum, md5sum.textutils" dealt with here are concerned and are available the system at no cost some !!!
â Paulo Maia
Sep 26 '15 at 13:17
I actually had in mind PasswordMaker, which is also open-source and non-commercial.
â landroni
Sep 26 '15 at 16:43
add a comment |Â
up vote
3
down vote
You can use one of md5
tools that has precisely this purpose. In the case of creating a completely random password you can use the md5pass
. It is a very simple tool to use and very helpful, since you can use "normal text" together with a "salt" to jump-bit construction of the same password that you can recover afterwards, or alternatively you may want to get a completely random password all the time. The general usage is:
md5pass [password] [salt]
where password
is a chosen word that will be used for the construction of the random string and salt
is the jump in bytes to be used. Like this:
md5pass word
$1$.MUittVW$j.XDTF1QRnxqFdXRUiSLs0
This will create a "a random sequence" password for you to use. If you use no salt
, then you may not be able to recreate this same string afterwards.
However if you use a salt
like this:
md5pass word 512
$1$512$.0jcLPQ83jgszaPT8xzds0
then you can create a sequence which you can recover if you use the word in conjunction with the same salt (or jump) if it was originally defined.
When asalt
is being used, this sounds similar to the PasswordMaker approach...
â landroni
Sep 26 '15 at 8:20
-Yes May sound similar to one maker password, but the difference is that it is not a commercial program or anything, because the set of md5 tools, "md5pass, md5sum, md5sum.textutils" dealt with here are concerned and are available the system at no cost some !!!
â Paulo Maia
Sep 26 '15 at 13:17
I actually had in mind PasswordMaker, which is also open-source and non-commercial.
â landroni
Sep 26 '15 at 16:43
add a comment |Â
up vote
3
down vote
up vote
3
down vote
You can use one of md5
tools that has precisely this purpose. In the case of creating a completely random password you can use the md5pass
. It is a very simple tool to use and very helpful, since you can use "normal text" together with a "salt" to jump-bit construction of the same password that you can recover afterwards, or alternatively you may want to get a completely random password all the time. The general usage is:
md5pass [password] [salt]
where password
is a chosen word that will be used for the construction of the random string and salt
is the jump in bytes to be used. Like this:
md5pass word
$1$.MUittVW$j.XDTF1QRnxqFdXRUiSLs0
This will create a "a random sequence" password for you to use. If you use no salt
, then you may not be able to recreate this same string afterwards.
However if you use a salt
like this:
md5pass word 512
$1$512$.0jcLPQ83jgszaPT8xzds0
then you can create a sequence which you can recover if you use the word in conjunction with the same salt (or jump) if it was originally defined.
You can use one of md5
tools that has precisely this purpose. In the case of creating a completely random password you can use the md5pass
. It is a very simple tool to use and very helpful, since you can use "normal text" together with a "salt" to jump-bit construction of the same password that you can recover afterwards, or alternatively you may want to get a completely random password all the time. The general usage is:
md5pass [password] [salt]
where password
is a chosen word that will be used for the construction of the random string and salt
is the jump in bytes to be used. Like this:
md5pass word
$1$.MUittVW$j.XDTF1QRnxqFdXRUiSLs0
This will create a "a random sequence" password for you to use. If you use no salt
, then you may not be able to recreate this same string afterwards.
However if you use a salt
like this:
md5pass word 512
$1$512$.0jcLPQ83jgszaPT8xzds0
then you can create a sequence which you can recover if you use the word in conjunction with the same salt (or jump) if it was originally defined.
edited Sep 26 '15 at 8:49
landroni
2,99582235
2,99582235
answered Sep 25 '15 at 19:24
Paulo Maia
601159
601159
When asalt
is being used, this sounds similar to the PasswordMaker approach...
â landroni
Sep 26 '15 at 8:20
-Yes May sound similar to one maker password, but the difference is that it is not a commercial program or anything, because the set of md5 tools, "md5pass, md5sum, md5sum.textutils" dealt with here are concerned and are available the system at no cost some !!!
â Paulo Maia
Sep 26 '15 at 13:17
I actually had in mind PasswordMaker, which is also open-source and non-commercial.
â landroni
Sep 26 '15 at 16:43
add a comment |Â
When asalt
is being used, this sounds similar to the PasswordMaker approach...
â landroni
Sep 26 '15 at 8:20
-Yes May sound similar to one maker password, but the difference is that it is not a commercial program or anything, because the set of md5 tools, "md5pass, md5sum, md5sum.textutils" dealt with here are concerned and are available the system at no cost some !!!
â Paulo Maia
Sep 26 '15 at 13:17
I actually had in mind PasswordMaker, which is also open-source and non-commercial.
â landroni
Sep 26 '15 at 16:43
When a
salt
is being used, this sounds similar to the PasswordMaker approach...â landroni
Sep 26 '15 at 8:20
When a
salt
is being used, this sounds similar to the PasswordMaker approach...â landroni
Sep 26 '15 at 8:20
-Yes May sound similar to one maker password, but the difference is that it is not a commercial program or anything, because the set of md5 tools, "md5pass, md5sum, md5sum.textutils" dealt with here are concerned and are available the system at no cost some !!!
â Paulo Maia
Sep 26 '15 at 13:17
-Yes May sound similar to one maker password, but the difference is that it is not a commercial program or anything, because the set of md5 tools, "md5pass, md5sum, md5sum.textutils" dealt with here are concerned and are available the system at no cost some !!!
â Paulo Maia
Sep 26 '15 at 13:17
I actually had in mind PasswordMaker, which is also open-source and non-commercial.
â landroni
Sep 26 '15 at 16:43
I actually had in mind PasswordMaker, which is also open-source and non-commercial.
â landroni
Sep 26 '15 at 16:43
add a comment |Â
up vote
2
down vote
These two commands generate random passwords and passphrases, respectively.
shuf --random-source=/dev/urandom --repeat --head-count=20 file_with_characters | tr --delete 'n'
shuf --random-source=/dev/urandom --repeat --head-count=7 file_with_words | tr 'n' ' '
The password generator requires a file_with_characters containing all the characters you want the password to use, one character per line, and exactly one time each. The file must not contain blank lines, and lines must be newline-terminated.
The passphrase generator requires a file_with_words containing all the words you want the passphrase to use, one word per line, and exactly one time each. The file must not contain blank lines, and lines must be newline-terminated.
The --head-count option specifies the length of the password--in characters--or passphrase--in words.
add a comment |Â
up vote
2
down vote
These two commands generate random passwords and passphrases, respectively.
shuf --random-source=/dev/urandom --repeat --head-count=20 file_with_characters | tr --delete 'n'
shuf --random-source=/dev/urandom --repeat --head-count=7 file_with_words | tr 'n' ' '
The password generator requires a file_with_characters containing all the characters you want the password to use, one character per line, and exactly one time each. The file must not contain blank lines, and lines must be newline-terminated.
The passphrase generator requires a file_with_words containing all the words you want the passphrase to use, one word per line, and exactly one time each. The file must not contain blank lines, and lines must be newline-terminated.
The --head-count option specifies the length of the password--in characters--or passphrase--in words.
add a comment |Â
up vote
2
down vote
up vote
2
down vote
These two commands generate random passwords and passphrases, respectively.
shuf --random-source=/dev/urandom --repeat --head-count=20 file_with_characters | tr --delete 'n'
shuf --random-source=/dev/urandom --repeat --head-count=7 file_with_words | tr 'n' ' '
The password generator requires a file_with_characters containing all the characters you want the password to use, one character per line, and exactly one time each. The file must not contain blank lines, and lines must be newline-terminated.
The passphrase generator requires a file_with_words containing all the words you want the passphrase to use, one word per line, and exactly one time each. The file must not contain blank lines, and lines must be newline-terminated.
The --head-count option specifies the length of the password--in characters--or passphrase--in words.
These two commands generate random passwords and passphrases, respectively.
shuf --random-source=/dev/urandom --repeat --head-count=20 file_with_characters | tr --delete 'n'
shuf --random-source=/dev/urandom --repeat --head-count=7 file_with_words | tr 'n' ' '
The password generator requires a file_with_characters containing all the characters you want the password to use, one character per line, and exactly one time each. The file must not contain blank lines, and lines must be newline-terminated.
The passphrase generator requires a file_with_words containing all the words you want the passphrase to use, one word per line, and exactly one time each. The file must not contain blank lines, and lines must be newline-terminated.
The --head-count option specifies the length of the password--in characters--or passphrase--in words.
answered Aug 27 '16 at 16:47
Pablo Repetto
211
211
add a comment |Â
add a comment |Â
up vote
1
down vote
Inspired by Pablo Repetto I ended up with this easy to remember solution:
shuf -zer -n20 A..Z a..z 0..9
-z avoids multi line output
-e echo the result
-r allow any character to appear multiple times
-n20 random string with a length of 20 characters
A..Z a..z 0..9 allowed char classes
shuf
is part of the linux coreutils and widely available or at least been ported.
add a comment |Â
up vote
1
down vote
Inspired by Pablo Repetto I ended up with this easy to remember solution:
shuf -zer -n20 A..Z a..z 0..9
-z avoids multi line output
-e echo the result
-r allow any character to appear multiple times
-n20 random string with a length of 20 characters
A..Z a..z 0..9 allowed char classes
shuf
is part of the linux coreutils and widely available or at least been ported.
add a comment |Â
up vote
1
down vote
up vote
1
down vote
Inspired by Pablo Repetto I ended up with this easy to remember solution:
shuf -zer -n20 A..Z a..z 0..9
-z avoids multi line output
-e echo the result
-r allow any character to appear multiple times
-n20 random string with a length of 20 characters
A..Z a..z 0..9 allowed char classes
shuf
is part of the linux coreutils and widely available or at least been ported.
Inspired by Pablo Repetto I ended up with this easy to remember solution:
shuf -zer -n20 A..Z a..z 0..9
-z avoids multi line output
-e echo the result
-r allow any character to appear multiple times
-n20 random string with a length of 20 characters
A..Z a..z 0..9 allowed char classes
shuf
is part of the linux coreutils and widely available or at least been ported.
answered Oct 29 '16 at 22:06
entwicklerseite
111
111
add a comment |Â
add a comment |Â
up vote
1
down vote
APG
is the default software in linux distributions.
To generate passwords from size 5 to 10 in subsets Special, Numeric, Capital un Small, it is :
apg -MSNCL -m 5 -x 10
Returns
@OpVeyhym9
3:Glul
3DroomIc?
hed&Os0
NefIj%Ob3
35Quok}
As said by @landroni a comment.
Here are the options to generate random 14 letter passwords containing lots of special characters:apg -a1 -m14
â neuhaus
Nov 11 '17 at 19:10
add a comment |Â
up vote
1
down vote
APG
is the default software in linux distributions.
To generate passwords from size 5 to 10 in subsets Special, Numeric, Capital un Small, it is :
apg -MSNCL -m 5 -x 10
Returns
@OpVeyhym9
3:Glul
3DroomIc?
hed&Os0
NefIj%Ob3
35Quok}
As said by @landroni a comment.
Here are the options to generate random 14 letter passwords containing lots of special characters:apg -a1 -m14
â neuhaus
Nov 11 '17 at 19:10
add a comment |Â
up vote
1
down vote
up vote
1
down vote
APG
is the default software in linux distributions.
To generate passwords from size 5 to 10 in subsets Special, Numeric, Capital un Small, it is :
apg -MSNCL -m 5 -x 10
Returns
@OpVeyhym9
3:Glul
3DroomIc?
hed&Os0
NefIj%Ob3
35Quok}
As said by @landroni a comment.
APG
is the default software in linux distributions.
To generate passwords from size 5 to 10 in subsets Special, Numeric, Capital un Small, it is :
apg -MSNCL -m 5 -x 10
Returns
@OpVeyhym9
3:Glul
3DroomIc?
hed&Os0
NefIj%Ob3
35Quok}
As said by @landroni a comment.
answered Jan 22 '17 at 15:24
Sandburg
658
658
Here are the options to generate random 14 letter passwords containing lots of special characters:apg -a1 -m14
â neuhaus
Nov 11 '17 at 19:10
add a comment |Â
Here are the options to generate random 14 letter passwords containing lots of special characters:apg -a1 -m14
â neuhaus
Nov 11 '17 at 19:10
Here are the options to generate random 14 letter passwords containing lots of special characters:
apg -a1 -m14
â neuhaus
Nov 11 '17 at 19:10
Here are the options to generate random 14 letter passwords containing lots of special characters:
apg -a1 -m14
â neuhaus
Nov 11 '17 at 19:10
add a comment |Â
up vote
0
down vote
A super easy and simple (probably more simple than you're looking for) way to achieve this would be to generate a random number in a given range, convert that number to its equivalent ASCII character, and append it to the end of a string.
Here's a basic example in Python:
import random # import random library
passFile = open("passwords.txt", 'w') # create file passwords.txt
passNum = int(input("Number of passwords: ")) # get number of passwords
passLength = int(input("Password length: ")) # get length of passwords
for i in range(passNum):
password = "" # reset password
for i in range(passLength):
num = random.randint(65, 122) # get random number
while num in range(91, 97): # Don't include punctuation
num = random.randint(65, 122)
password += chr(num) # add character to current password
passFile.write(password + "n") # add current password to file
passFile.close() # close file
EDIT: added comments, and added code to generate multiple passwords and write them to a file
2
If given the power of Python I would NOT do it in this fashion. It would be much easier to use a join on a string containing all characters valid for a password and using random to select out the characters.
â Mike McMahon
Sep 20 '15 at 5:20
better to use Python like this code.activestate.com/recipes/578468-password-generator-mkpasswd
â Grijesh Chauhan
Sep 21 '15 at 9:16
add a comment |Â
up vote
0
down vote
A super easy and simple (probably more simple than you're looking for) way to achieve this would be to generate a random number in a given range, convert that number to its equivalent ASCII character, and append it to the end of a string.
Here's a basic example in Python:
import random # import random library
passFile = open("passwords.txt", 'w') # create file passwords.txt
passNum = int(input("Number of passwords: ")) # get number of passwords
passLength = int(input("Password length: ")) # get length of passwords
for i in range(passNum):
password = "" # reset password
for i in range(passLength):
num = random.randint(65, 122) # get random number
while num in range(91, 97): # Don't include punctuation
num = random.randint(65, 122)
password += chr(num) # add character to current password
passFile.write(password + "n") # add current password to file
passFile.close() # close file
EDIT: added comments, and added code to generate multiple passwords and write them to a file
2
If given the power of Python I would NOT do it in this fashion. It would be much easier to use a join on a string containing all characters valid for a password and using random to select out the characters.
â Mike McMahon
Sep 20 '15 at 5:20
better to use Python like this code.activestate.com/recipes/578468-password-generator-mkpasswd
â Grijesh Chauhan
Sep 21 '15 at 9:16
add a comment |Â
up vote
0
down vote
up vote
0
down vote
A super easy and simple (probably more simple than you're looking for) way to achieve this would be to generate a random number in a given range, convert that number to its equivalent ASCII character, and append it to the end of a string.
Here's a basic example in Python:
import random # import random library
passFile = open("passwords.txt", 'w') # create file passwords.txt
passNum = int(input("Number of passwords: ")) # get number of passwords
passLength = int(input("Password length: ")) # get length of passwords
for i in range(passNum):
password = "" # reset password
for i in range(passLength):
num = random.randint(65, 122) # get random number
while num in range(91, 97): # Don't include punctuation
num = random.randint(65, 122)
password += chr(num) # add character to current password
passFile.write(password + "n") # add current password to file
passFile.close() # close file
EDIT: added comments, and added code to generate multiple passwords and write them to a file
A super easy and simple (probably more simple than you're looking for) way to achieve this would be to generate a random number in a given range, convert that number to its equivalent ASCII character, and append it to the end of a string.
Here's a basic example in Python:
import random # import random library
passFile = open("passwords.txt", 'w') # create file passwords.txt
passNum = int(input("Number of passwords: ")) # get number of passwords
passLength = int(input("Password length: ")) # get length of passwords
for i in range(passNum):
password = "" # reset password
for i in range(passLength):
num = random.randint(65, 122) # get random number
while num in range(91, 97): # Don't include punctuation
num = random.randint(65, 122)
password += chr(num) # add character to current password
passFile.write(password + "n") # add current password to file
passFile.close() # close file
EDIT: added comments, and added code to generate multiple passwords and write them to a file
edited Sep 20 '15 at 7:14
alexwlchan
50337
50337
answered Sep 20 '15 at 0:09
camelCaseEnthusiast
11
11
2
If given the power of Python I would NOT do it in this fashion. It would be much easier to use a join on a string containing all characters valid for a password and using random to select out the characters.
â Mike McMahon
Sep 20 '15 at 5:20
better to use Python like this code.activestate.com/recipes/578468-password-generator-mkpasswd
â Grijesh Chauhan
Sep 21 '15 at 9:16
add a comment |Â
2
If given the power of Python I would NOT do it in this fashion. It would be much easier to use a join on a string containing all characters valid for a password and using random to select out the characters.
â Mike McMahon
Sep 20 '15 at 5:20
better to use Python like this code.activestate.com/recipes/578468-password-generator-mkpasswd
â Grijesh Chauhan
Sep 21 '15 at 9:16
2
2
If given the power of Python I would NOT do it in this fashion. It would be much easier to use a join on a string containing all characters valid for a password and using random to select out the characters.
â Mike McMahon
Sep 20 '15 at 5:20
If given the power of Python I would NOT do it in this fashion. It would be much easier to use a join on a string containing all characters valid for a password and using random to select out the characters.
â Mike McMahon
Sep 20 '15 at 5:20
better to use Python like this code.activestate.com/recipes/578468-password-generator-mkpasswd
â Grijesh Chauhan
Sep 21 '15 at 9:16
better to use Python like this code.activestate.com/recipes/578468-password-generator-mkpasswd
â Grijesh Chauhan
Sep 21 '15 at 9:16
add a comment |Â
up vote
0
down vote
I maintain secpwgen
in Alpine Linux & keep the sources on my Github.
It can produce random strings or diceware phrases:
musl64 [~]$ secpwgen
USAGE: secpwgen <-p[e] | -A[adhsy] | -r | -s[e]> N
PASSPHRASE of N words from Diceware dictionary
-p generate passphrase
-pe generate enhanced (with symbols) passphrase
SKEY PASSWORD of N words from S/Key dictionary
-s generate passphrase
-se generate enhanced (with symbols) passphrase
ASCII RANDOM of N elements (at least one option MUST be present)
-A Each letter adds the following random elements in output:
a alphanumeric characters
d decimal digits
h hexadecimal digits
s special characters
y 3-4 letter syllables
RAW RANDOM
-r output BASE64 encoded string of N random BITS
-k output koremutake encoding of N random BITS
To generate a 13 character random string you would use:
musl64 [~]$ secpwgen -Aas 13
----------------
WK5#*V<]M3<CU ;ENTROPY=67.21 bits
----------------
INFO: destroying random number generator.
INFO: zeroing memory.
musl64 [~]$ secpwgen -Aa 13
----------------
GP0FIEBM9Y3BT ;ENTROPY=67.21 bits
----------------
INFO: destroying random number generator.
INFO: zeroing memory.
For users to remember a password use the diceware phrases:
musl64 [~]$ secpwgen -p 5
----------------
wq seen list n8 kerr ;ENTROPY=65.00 bits
----------------
INFO: destroying random number generator.
INFO: zeroing memory.
I personally like:
musl64 [~]$ secpwgen -r 512
----------------
h62lL7G4gwh3/j9c7YteQvVXoqJrQKKPWVR3Lt7az36DcfWZWtUgBT19iwmJBwP4UahNzPe7qYD7OcklUFpCzQ== ;ENTROPY=512.00 bits
----------------
INFO: destroying random number generator.
INFO: zeroing memory.
add a comment |Â
up vote
0
down vote
I maintain secpwgen
in Alpine Linux & keep the sources on my Github.
It can produce random strings or diceware phrases:
musl64 [~]$ secpwgen
USAGE: secpwgen <-p[e] | -A[adhsy] | -r | -s[e]> N
PASSPHRASE of N words from Diceware dictionary
-p generate passphrase
-pe generate enhanced (with symbols) passphrase
SKEY PASSWORD of N words from S/Key dictionary
-s generate passphrase
-se generate enhanced (with symbols) passphrase
ASCII RANDOM of N elements (at least one option MUST be present)
-A Each letter adds the following random elements in output:
a alphanumeric characters
d decimal digits
h hexadecimal digits
s special characters
y 3-4 letter syllables
RAW RANDOM
-r output BASE64 encoded string of N random BITS
-k output koremutake encoding of N random BITS
To generate a 13 character random string you would use:
musl64 [~]$ secpwgen -Aas 13
----------------
WK5#*V<]M3<CU ;ENTROPY=67.21 bits
----------------
INFO: destroying random number generator.
INFO: zeroing memory.
musl64 [~]$ secpwgen -Aa 13
----------------
GP0FIEBM9Y3BT ;ENTROPY=67.21 bits
----------------
INFO: destroying random number generator.
INFO: zeroing memory.
For users to remember a password use the diceware phrases:
musl64 [~]$ secpwgen -p 5
----------------
wq seen list n8 kerr ;ENTROPY=65.00 bits
----------------
INFO: destroying random number generator.
INFO: zeroing memory.
I personally like:
musl64 [~]$ secpwgen -r 512
----------------
h62lL7G4gwh3/j9c7YteQvVXoqJrQKKPWVR3Lt7az36DcfWZWtUgBT19iwmJBwP4UahNzPe7qYD7OcklUFpCzQ== ;ENTROPY=512.00 bits
----------------
INFO: destroying random number generator.
INFO: zeroing memory.
add a comment |Â
up vote
0
down vote
up vote
0
down vote
I maintain secpwgen
in Alpine Linux & keep the sources on my Github.
It can produce random strings or diceware phrases:
musl64 [~]$ secpwgen
USAGE: secpwgen <-p[e] | -A[adhsy] | -r | -s[e]> N
PASSPHRASE of N words from Diceware dictionary
-p generate passphrase
-pe generate enhanced (with symbols) passphrase
SKEY PASSWORD of N words from S/Key dictionary
-s generate passphrase
-se generate enhanced (with symbols) passphrase
ASCII RANDOM of N elements (at least one option MUST be present)
-A Each letter adds the following random elements in output:
a alphanumeric characters
d decimal digits
h hexadecimal digits
s special characters
y 3-4 letter syllables
RAW RANDOM
-r output BASE64 encoded string of N random BITS
-k output koremutake encoding of N random BITS
To generate a 13 character random string you would use:
musl64 [~]$ secpwgen -Aas 13
----------------
WK5#*V<]M3<CU ;ENTROPY=67.21 bits
----------------
INFO: destroying random number generator.
INFO: zeroing memory.
musl64 [~]$ secpwgen -Aa 13
----------------
GP0FIEBM9Y3BT ;ENTROPY=67.21 bits
----------------
INFO: destroying random number generator.
INFO: zeroing memory.
For users to remember a password use the diceware phrases:
musl64 [~]$ secpwgen -p 5
----------------
wq seen list n8 kerr ;ENTROPY=65.00 bits
----------------
INFO: destroying random number generator.
INFO: zeroing memory.
I personally like:
musl64 [~]$ secpwgen -r 512
----------------
h62lL7G4gwh3/j9c7YteQvVXoqJrQKKPWVR3Lt7az36DcfWZWtUgBT19iwmJBwP4UahNzPe7qYD7OcklUFpCzQ== ;ENTROPY=512.00 bits
----------------
INFO: destroying random number generator.
INFO: zeroing memory.
I maintain secpwgen
in Alpine Linux & keep the sources on my Github.
It can produce random strings or diceware phrases:
musl64 [~]$ secpwgen
USAGE: secpwgen <-p[e] | -A[adhsy] | -r | -s[e]> N
PASSPHRASE of N words from Diceware dictionary
-p generate passphrase
-pe generate enhanced (with symbols) passphrase
SKEY PASSWORD of N words from S/Key dictionary
-s generate passphrase
-se generate enhanced (with symbols) passphrase
ASCII RANDOM of N elements (at least one option MUST be present)
-A Each letter adds the following random elements in output:
a alphanumeric characters
d decimal digits
h hexadecimal digits
s special characters
y 3-4 letter syllables
RAW RANDOM
-r output BASE64 encoded string of N random BITS
-k output koremutake encoding of N random BITS
To generate a 13 character random string you would use:
musl64 [~]$ secpwgen -Aas 13
----------------
WK5#*V<]M3<CU ;ENTROPY=67.21 bits
----------------
INFO: destroying random number generator.
INFO: zeroing memory.
musl64 [~]$ secpwgen -Aa 13
----------------
GP0FIEBM9Y3BT ;ENTROPY=67.21 bits
----------------
INFO: destroying random number generator.
INFO: zeroing memory.
For users to remember a password use the diceware phrases:
musl64 [~]$ secpwgen -p 5
----------------
wq seen list n8 kerr ;ENTROPY=65.00 bits
----------------
INFO: destroying random number generator.
INFO: zeroing memory.
I personally like:
musl64 [~]$ secpwgen -r 512
----------------
h62lL7G4gwh3/j9c7YteQvVXoqJrQKKPWVR3Lt7az36DcfWZWtUgBT19iwmJBwP4UahNzPe7qYD7OcklUFpCzQ== ;ENTROPY=512.00 bits
----------------
INFO: destroying random number generator.
INFO: zeroing memory.
answered Apr 7 '17 at 3:14
Stuart Cardall
70659
70659
add a comment |Â
add a comment |Â
up vote
0
down vote
I've found that piping /dev/urandom to tr on macOS didn't work. Here's another way:
set="abcdefghijklmonpqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
n=6
rand=""
for i in `seq 1 $n`; do
char=$set:$RANDOM % $#set:1
rand+=$char
done
echo $rand
add a comment |Â
up vote
0
down vote
I've found that piping /dev/urandom to tr on macOS didn't work. Here's another way:
set="abcdefghijklmonpqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
n=6
rand=""
for i in `seq 1 $n`; do
char=$set:$RANDOM % $#set:1
rand+=$char
done
echo $rand
add a comment |Â
up vote
0
down vote
up vote
0
down vote
I've found that piping /dev/urandom to tr on macOS didn't work. Here's another way:
set="abcdefghijklmonpqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
n=6
rand=""
for i in `seq 1 $n`; do
char=$set:$RANDOM % $#set:1
rand+=$char
done
echo $rand
I've found that piping /dev/urandom to tr on macOS didn't work. Here's another way:
set="abcdefghijklmonpqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
n=6
rand=""
for i in `seq 1 $n`; do
char=$set:$RANDOM % $#set:1
rand+=$char
done
echo $rand
answered Jul 18 at 21:59
Jake
1616
1616
add a comment |Â
add a comment |Â
up vote
0
down vote
I use:
base64 < /dev/urandom | tr -d 'O0Il1+' | head -c 44
This gives me 57 possible characters. The string can be copy-pasted (removed +
and ) or printed and retyped as the difficult to distinguish characters (
I1lO0
) have been removed.
- 44 characters gives me: log2(5744) > 256.64 bits of entropy
- 22 characters gives me: log2(5744) > 128.32 bits of entropy
I like this because:
- it is simple to type/remember
- it uses standard system tools - no extra binaries
- doesn't "waste" much randomness (uses 89% of the random bits it receives vs ~24% for solutions directly piping to tr)
- 22 and 44 characters pair quite nicely (just above even) common power of two breakpoints
- the output can be easily selected and pasted or printed and retyped with minimal human error rates
- shorter than hex encoded (32 and 64 instead of 22 and 44) solutions such as md5sum/sha1sum, etc.
Credit to https://unix.stackexchange.com/a/230676/9583 and especially the comments for my initial inspiration.
add a comment |Â
up vote
0
down vote
I use:
base64 < /dev/urandom | tr -d 'O0Il1+' | head -c 44
This gives me 57 possible characters. The string can be copy-pasted (removed +
and ) or printed and retyped as the difficult to distinguish characters (
I1lO0
) have been removed.
- 44 characters gives me: log2(5744) > 256.64 bits of entropy
- 22 characters gives me: log2(5744) > 128.32 bits of entropy
I like this because:
- it is simple to type/remember
- it uses standard system tools - no extra binaries
- doesn't "waste" much randomness (uses 89% of the random bits it receives vs ~24% for solutions directly piping to tr)
- 22 and 44 characters pair quite nicely (just above even) common power of two breakpoints
- the output can be easily selected and pasted or printed and retyped with minimal human error rates
- shorter than hex encoded (32 and 64 instead of 22 and 44) solutions such as md5sum/sha1sum, etc.
Credit to https://unix.stackexchange.com/a/230676/9583 and especially the comments for my initial inspiration.
add a comment |Â
up vote
0
down vote
up vote
0
down vote
I use:
base64 < /dev/urandom | tr -d 'O0Il1+' | head -c 44
This gives me 57 possible characters. The string can be copy-pasted (removed +
and ) or printed and retyped as the difficult to distinguish characters (
I1lO0
) have been removed.
- 44 characters gives me: log2(5744) > 256.64 bits of entropy
- 22 characters gives me: log2(5744) > 128.32 bits of entropy
I like this because:
- it is simple to type/remember
- it uses standard system tools - no extra binaries
- doesn't "waste" much randomness (uses 89% of the random bits it receives vs ~24% for solutions directly piping to tr)
- 22 and 44 characters pair quite nicely (just above even) common power of two breakpoints
- the output can be easily selected and pasted or printed and retyped with minimal human error rates
- shorter than hex encoded (32 and 64 instead of 22 and 44) solutions such as md5sum/sha1sum, etc.
Credit to https://unix.stackexchange.com/a/230676/9583 and especially the comments for my initial inspiration.
I use:
base64 < /dev/urandom | tr -d 'O0Il1+' | head -c 44
This gives me 57 possible characters. The string can be copy-pasted (removed +
and ) or printed and retyped as the difficult to distinguish characters (
I1lO0
) have been removed.
- 44 characters gives me: log2(5744) > 256.64 bits of entropy
- 22 characters gives me: log2(5744) > 128.32 bits of entropy
I like this because:
- it is simple to type/remember
- it uses standard system tools - no extra binaries
- doesn't "waste" much randomness (uses 89% of the random bits it receives vs ~24% for solutions directly piping to tr)
- 22 and 44 characters pair quite nicely (just above even) common power of two breakpoints
- the output can be easily selected and pasted or printed and retyped with minimal human error rates
- shorter than hex encoded (32 and 64 instead of 22 and 44) solutions such as md5sum/sha1sum, etc.
Credit to https://unix.stackexchange.com/a/230676/9583 and especially the comments for my initial inspiration.
answered 6 mins ago
Iiridayn
1317
1317
add a comment |Â
add a comment |Â
up vote
-1
down vote
I'd like this command:
date +%s | sha256sum | base64 | head -c 12
1
I would rather use more random nanoseconds approach:date +%N
Since if you generate many users and passwords in a script, the seconds might become same for many or even for all date commands, thus producing identical passwords.
â John Mayor
Apr 28 '17 at 12:53
1
@JohnMayor: is this approach more robust:dd if=/dev/random bs=512 count=1
?
â Eugen Konkov
Apr 28 '17 at 13:48
5
This answers is highly dangerous! You generate the password(s) from a known seed which is easy to predict. I could generate all passwords generated using this method of the last years and use this list for brute forcing purposes.
â Flow
Jul 1 '17 at 17:20
add a comment |Â
up vote
-1
down vote
I'd like this command:
date +%s | sha256sum | base64 | head -c 12
1
I would rather use more random nanoseconds approach:date +%N
Since if you generate many users and passwords in a script, the seconds might become same for many or even for all date commands, thus producing identical passwords.
â John Mayor
Apr 28 '17 at 12:53
1
@JohnMayor: is this approach more robust:dd if=/dev/random bs=512 count=1
?
â Eugen Konkov
Apr 28 '17 at 13:48
5
This answers is highly dangerous! You generate the password(s) from a known seed which is easy to predict. I could generate all passwords generated using this method of the last years and use this list for brute forcing purposes.
â Flow
Jul 1 '17 at 17:20
add a comment |Â
up vote
-1
down vote
up vote
-1
down vote
I'd like this command:
date +%s | sha256sum | base64 | head -c 12
I'd like this command:
date +%s | sha256sum | base64 | head -c 12
answered Nov 19 '16 at 10:13
Eugen Konkov
17411
17411
1
I would rather use more random nanoseconds approach:date +%N
Since if you generate many users and passwords in a script, the seconds might become same for many or even for all date commands, thus producing identical passwords.
â John Mayor
Apr 28 '17 at 12:53
1
@JohnMayor: is this approach more robust:dd if=/dev/random bs=512 count=1
?
â Eugen Konkov
Apr 28 '17 at 13:48
5
This answers is highly dangerous! You generate the password(s) from a known seed which is easy to predict. I could generate all passwords generated using this method of the last years and use this list for brute forcing purposes.
â Flow
Jul 1 '17 at 17:20
add a comment |Â
1
I would rather use more random nanoseconds approach:date +%N
Since if you generate many users and passwords in a script, the seconds might become same for many or even for all date commands, thus producing identical passwords.
â John Mayor
Apr 28 '17 at 12:53
1
@JohnMayor: is this approach more robust:dd if=/dev/random bs=512 count=1
?
â Eugen Konkov
Apr 28 '17 at 13:48
5
This answers is highly dangerous! You generate the password(s) from a known seed which is easy to predict. I could generate all passwords generated using this method of the last years and use this list for brute forcing purposes.
â Flow
Jul 1 '17 at 17:20
1
1
I would rather use more random nanoseconds approach:
date +%N
Since if you generate many users and passwords in a script, the seconds might become same for many or even for all date commands, thus producing identical passwords.â John Mayor
Apr 28 '17 at 12:53
I would rather use more random nanoseconds approach:
date +%N
Since if you generate many users and passwords in a script, the seconds might become same for many or even for all date commands, thus producing identical passwords.â John Mayor
Apr 28 '17 at 12:53
1
1
@JohnMayor: is this approach more robust:
dd if=/dev/random bs=512 count=1
?â Eugen Konkov
Apr 28 '17 at 13:48
@JohnMayor: is this approach more robust:
dd if=/dev/random bs=512 count=1
?â Eugen Konkov
Apr 28 '17 at 13:48
5
5
This answers is highly dangerous! You generate the password(s) from a known seed which is easy to predict. I could generate all passwords generated using this method of the last years and use this list for brute forcing purposes.
â Flow
Jul 1 '17 at 17:20
This answers is highly dangerous! You generate the password(s) from a known seed which is easy to predict. I could generate all passwords generated using this method of the last years and use this list for brute forcing purposes.
â Flow
Jul 1 '17 at 17:20
add a comment |Â
up vote
-3
down vote
I go, to
http://passwordsgenerator.net/
it allows generating strings of random characters up to 2048 characters, selecting upper case, lower case, digits 0 to 9, punctuation marks, or any combination.
1
I've clarified the question to make it explicit that off-line generated strings are preferable. Generating a password directly on a website, especially if the connection is not HTTPS (as in your answer), is not secure.
â landroni
Sep 26 '15 at 7:09
Getting a random password from the internet is spectacularly stupid & naive. Someone now knows a password you are using for some service or site and unique personal details about you (IP address, browser/environment info). This site can now cross-reference the info with other data collected about you. For example, you once posted to a mailing list, your IP address is in the mailâÂÂs header, so we now have a password, name, and an email address... You are really trusting random strangers with your passwords here.
â Martin Tournoij
Aug 27 '16 at 17:35
add a comment |Â
up vote
-3
down vote
I go, to
http://passwordsgenerator.net/
it allows generating strings of random characters up to 2048 characters, selecting upper case, lower case, digits 0 to 9, punctuation marks, or any combination.
1
I've clarified the question to make it explicit that off-line generated strings are preferable. Generating a password directly on a website, especially if the connection is not HTTPS (as in your answer), is not secure.
â landroni
Sep 26 '15 at 7:09
Getting a random password from the internet is spectacularly stupid & naive. Someone now knows a password you are using for some service or site and unique personal details about you (IP address, browser/environment info). This site can now cross-reference the info with other data collected about you. For example, you once posted to a mailing list, your IP address is in the mailâÂÂs header, so we now have a password, name, and an email address... You are really trusting random strangers with your passwords here.
â Martin Tournoij
Aug 27 '16 at 17:35
add a comment |Â
up vote
-3
down vote
up vote
-3
down vote
I go, to
http://passwordsgenerator.net/
it allows generating strings of random characters up to 2048 characters, selecting upper case, lower case, digits 0 to 9, punctuation marks, or any combination.
I go, to
http://passwordsgenerator.net/
it allows generating strings of random characters up to 2048 characters, selecting upper case, lower case, digits 0 to 9, punctuation marks, or any combination.
answered Sep 25 '15 at 19:05
KrazyKyngeKorny
1
1
1
I've clarified the question to make it explicit that off-line generated strings are preferable. Generating a password directly on a website, especially if the connection is not HTTPS (as in your answer), is not secure.
â landroni
Sep 26 '15 at 7:09
Getting a random password from the internet is spectacularly stupid & naive. Someone now knows a password you are using for some service or site and unique personal details about you (IP address, browser/environment info). This site can now cross-reference the info with other data collected about you. For example, you once posted to a mailing list, your IP address is in the mailâÂÂs header, so we now have a password, name, and an email address... You are really trusting random strangers with your passwords here.
â Martin Tournoij
Aug 27 '16 at 17:35
add a comment |Â
1
I've clarified the question to make it explicit that off-line generated strings are preferable. Generating a password directly on a website, especially if the connection is not HTTPS (as in your answer), is not secure.
â landroni
Sep 26 '15 at 7:09
Getting a random password from the internet is spectacularly stupid & naive. Someone now knows a password you are using for some service or site and unique personal details about you (IP address, browser/environment info). This site can now cross-reference the info with other data collected about you. For example, you once posted to a mailing list, your IP address is in the mailâÂÂs header, so we now have a password, name, and an email address... You are really trusting random strangers with your passwords here.
â Martin Tournoij
Aug 27 '16 at 17:35
1
1
I've clarified the question to make it explicit that off-line generated strings are preferable. Generating a password directly on a website, especially if the connection is not HTTPS (as in your answer), is not secure.
â landroni
Sep 26 '15 at 7:09
I've clarified the question to make it explicit that off-line generated strings are preferable. Generating a password directly on a website, especially if the connection is not HTTPS (as in your answer), is not secure.
â landroni
Sep 26 '15 at 7:09
Getting a random password from the internet is spectacularly stupid & naive. Someone now knows a password you are using for some service or site and unique personal details about you (IP address, browser/environment info). This site can now cross-reference the info with other data collected about you. For example, you once posted to a mailing list, your IP address is in the mailâÂÂs header, so we now have a password, name, and an email address... You are really trusting random strangers with your passwords here.
â Martin Tournoij
Aug 27 '16 at 17:35
Getting a random password from the internet is spectacularly stupid & naive. Someone now knows a password you are using for some service or site and unique personal details about you (IP address, browser/environment info). This site can now cross-reference the info with other data collected about you. For example, you once posted to a mailing list, your IP address is in the mailâÂÂs header, so we now have a password, name, and an email address... You are really trusting random strangers with your passwords here.
â Martin Tournoij
Aug 27 '16 at 17:35
add a comment |Â
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f230673%2fhow-to-generate-a-random-string%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
There are already good answers are at AskUbuntu. (I use
apg
personally.)â Sparhawk
Sep 20 '15 at 13:07
1
@Sparhawk The AskUbuntu question/answers are more about listing tools. Please consider adding an answer here exhibiting how to use
apg
to generate a random string.â landroni
Sep 20 '15 at 15:51
1
Be cautious about using random number generation on computers. Some are much less random than they appear, but telling the difference between 'good' and 'bad' random number generation is quite hard.
â Sobrique
Sep 21 '15 at 11:15
@Sobrique Excellent point about pseudo-random number generators (e.g.
/dev/urandom
). Would be nice to have some answers using true random number generators, based on e.g. random.org.â landroni
Sep 21 '15 at 11:23
11
Joke answer: To generate a truly random string, place a new user in front of Emacs (or Vim) and ask them to exit. ;)
â Wildcard
Oct 30 '16 at 4:51