Re: One-line password generator
On Fri, Sep 01, 2017 at 08:46:33PM +0100, Brian wrote:
> On Fri 01 Sep 2017 at 09:58:19 -0500, Mario Castelán Castro wrote:
>
> > On 22/08/17 10:04, Mario Castelán Castro wrote:
> > > I have the following line in my Bash init file:
> > >
> > > “alias gen-password="head -c 16 /dev/urandom | base64 | head -c 22 && echo"”
> > >
> > > This generates a password with just above 128 bits of entropy. You may
> > > find it useful.
> >
> > A slight simplification:
> >
> > alias gen-password="head -c 16 /dev/urandom | base64 | cut -c -22"
>
> I too would like to adjust some of my arguments to meet the many good
> points which have been raised in this thread. Here is a password
>
> F!Vz5s19WuXa61PaA"+5
>
> for my bank. Where does the password come from? It doesn't matter. Let
> us say I wrote it down as I sat and watched TV. It is not a result of
> what is above. Is this going to be guessed in any reasonable time by
> being attacked online? I would say not. It actually fulfills all the
> conditions that many banking sites advise. Numerals, upper and lower
> case letters and symbols and no dictionary words. Plus it has length. A
> star example, in other words.
>
> Unbeknownst to me (and totally outside my area of responsibility) the
> bank's database is seriously compromised; an attack on its structure (or
> a disgruntled employee) leads to the hashed passwords being leaked.
>
> How safe is the password above?
Once you've published a so-called password, its security value
approaches something much closer to "none" than whatever value it
used to have - even if it is some fancy hash.
Good luck,
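
The alias quoted at the top of this message, generalized to an arbitrary entropy target, as an added example that is not part of the thread. `gen_password` and `password_length` are hypothetical names; 16 random bytes encode to 24 base64 characters, the last two being `=` padding, which is why the alias keeps 22.

```shell
# Added example, not code from the thread. Function names are hypothetical.

# password_length BITS: number of base64 characters (padding excluded)
# needed to encode BITS bits rounded up to whole bytes.
password_length() {
    _nbytes=$(( ($1 + 7) / 8 ))
    echo $(( (_nbytes * 8 + 5) / 6 ))     # 6 bits per base64 character
}

# gen_password [BITS]: print a password built from at least BITS random
# bits (default 128) read from /dev/urandom, base64-encoded, padding removed.
gen_password() {
    _bits=${1:-128}
    case $_bits in
        ''|0*|*[!0-9]*)
            # Reject empty, zero, leading-zero (octal in arithmetic) and
            # non-numeric arguments instead of silently emitting nothing.
            echo "gen_password: BITS must be a positive integer" >&2
            return 2
            ;;
    esac
    _nbytes=$(( (_bits + 7) / 8 ))        # round up to whole bytes
    # base64 may wrap long output and pads with '='; strip both so the
    # result is a single line of [A-Za-z0-9+/] characters.
    head -c "$_nbytes" /dev/urandom | base64 | tr -d '=\n'
    echo
}
```

Sourced from the Bash init file in place of the alias, `gen_password` prints 22 characters and `gen_password 256` prints 43.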