Mnemonic passwords generally stink. A random sequence of letters, digits and punctuation is more secure—just don't write down your passwords, like the knucklehead antagonist does in Ready Player One!
In the password generating tool from my last article, at its most simple, you specify the number of characters you want in the password, and each is then chosen randomly from a pool of acceptable values. With the built-in RANDOM in the Linux shell, that's super easy to do:
okay="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
okay="${okay}0123456789<>/?,>;:[{]}\|=+-_)(^%$#@!~
length=10
ltrs=${#okay}
while [ $length -ge 0 ]
do
letter="${okay:$RANDOM % $ltrs:1}"
result="$result$letter"
length=$(( $length - 1 ))
done
echo "Result: $result"
In the actual script, I set okay to a single value rather than build it in two steps; this is just for formatting here online. Otherwise, ltrs is set to the length of $okay as a speedy shortcut, and the result is built up by using the string slicing syntax of:
${variable:indexlocation:length}
To extract just the fourth character of a string, for example, ${string:4:1}, this works fine and is easy. The result speaks for itself:
$ sh lazy-passwords.sh
Result: Ojkr9>|}dMr
And, a few more:
Result: Mi8]TfJKVaH
Result: >MWvF2D/R?r
Result: h>J6\p4eNPH
Result: KixhCFZaesr
Where this becomes a more complex challenge is when you decide you don't want to have things randomly selected but instead want to weight the results so that you have more letters than digits, or no more than a few punctuation characters, even on a 15–20 character password.
Which is, of course, exactly what I've been building.
I have to admit that there's a certain lure to making something complex, if nothing else than just to see if it can be done and work properly.
Adding Weight to Letter Choices
As a result, the simple few lines above changed to this in my last article:
from Linux Journal - The Original Magazine of the Linux Community https://ift.tt/2K7YcUO
via IFTTT
No comments:
Post a Comment