Sliced Software

Sliced Software strives to produce high quality, easy to use software.

Software

PGnJ An intuitive Database Development Environment for Mac OS X.

Seymore Content management, made easy.

Argus Issue tracking for the rest of us.

@twitter

I Love Camino!

This post is not yet over at tumblr! But it will be soon.
June 20

pwgen: Secure Password Generator


pwgen is a simple command line utility for generating secure passwords. I know what you're thinking, 'like I need another random String generator'. Well, pwgen does generate random Strings, yes, but pwgen can also generate passwords based on dictionary words. If you pass a dictionary file to pwgen, it will randomly choose a word from the list and manipulate it into a strong, memorable password.

It was pretty fun writing this little utility when it simply generated passwords but last night I came across a java port of getopt which led me to release my utility for all to use. I have to say that getopt is really excellent and if you are ever writing a command line utility that can be run with different options, I highly suggest it. In fact, I have been meaning to update some utilities I wrote for work and I may go back and incorporate getopt now.

The dictionary word manipulation is pretty interesting. I have a method that accepts a list of dictionary words, a minimum password length, a maximum password length and the maximum amount of characters to be replaced with random numbers. I randomly choose a dictionary word, say 'diversity'. Then I check to see if it is less than the maximum, if not, I randomly remove letters until it is the maximum password length. Then I choose a random number between 1 and the maximum amount of characters to be replaced with random numbers passed to the method, say 3. The number that gets picked may be 2, for example. Then I randomly select a character from the String and replace it with a random number from 0 to 9, two times (because 2 was picked). In this particular example, the generated string was 'd9ver1ity'. Perfectly secure, and not that hard to remember.

There are a lot of options for pwgen and running it with no flags or with -h will give you the whole list. Oh, also, I have bundled the source with the download and am releasing it under the BSD license. I also have a syntax highlighted version here.

Enjoy and may all of your passwords be nice and strong!