<div dir="ltr"><div>Here is something I borrowed from Christopher Night. I don't know how to link to it directly since it was posted on Google+.</div><div>"""</div><div>To generate 10 good passwords on Linux:</div>
<div><br></div><div>tr -cd a-z < /dev/urandom | fold -b8 | head</div><div><br></div><div>This chooses 8 lowercase letters at random. Some password systems will tell you these passwords are weak because they're short and don't contain numbers, capitals, or punctuation, but the fact that they're generated by a computer rather than by a human more than makes up for this fact. These 8-letter passwords have 38 bits of entropy, which NIST estimates to be as strong as a user-chosen password (that includes numbers, capitals, and punctuation) of 22 characters. This should be enough for just about anyone.</div>
<div><br></div><div>If you need extremely high-entropy passwords for something, you can change "a-z" to a bigger selection of characters and/or increase the length of the password:</div><div><br></div><div>tr -cd [:print:] < /dev/urandom | fold -b14 | head</div>
<div><br></div><div>These 14-character passwords have 92 bits of entropy, which according to the NIST estimate is the same as a user-generated password of 76 characters.</div><div>"""</div><div class="gmail_extra">
<br clear="all"><div><div dir="ltr">...John<div><br></div></div></div>
<br><br><div class="gmail_quote">On Mon, Mar 4, 2013 at 1:33 PM, Richard Bronosky <span dir="ltr"><<a href="mailto:richard@bronosky.com" target="_blank">richard@bronosky.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">I use XKCD passwords <a href="http://xkcd.com/936/" target="_blank">http://xkcd.com/936/</a><div><br></div><div>I've been pleasantly surprised to find most of the services I care about don't complain about my 30+ character passwords. I really wish they would be smarter about entropy measurement rather than just insisting on some stupid rules be satisfied.</div>
</div><div class="gmail_extra"><br><br></div></blockquote></div></div></div>