Passphrase Generators


Since passphrases are more secure than passwords, I have started using them for different sites when I can. A lot of people found out about them from a comic at XKCD. Here is a list of passphrase generators that I use, and some that I have come across:

There are a few passphrase generators that are diceware. I think the EFF likes diceware.

  • Password dot diet – with source code on github. I think you can run this on your laptop/desktop.
  • Some guy named Doug has one too – as well as source on github. This is another downloadable javascript web page.
  • Here is one from a company called Hidester that sells a VPN – The page has some nice info on diceware and why you should use it for generating passwords. I don’t see a link to any source code. I saved this on Firefox (saving all the images and Javascript as well) onto my Ubuntu laptop. The saved page did not work with either Firefox or Chrome.

Hopefully all these will still be valid when we all use quantum computers.

If a site still requires you to use a 54d_Tr0m8on3 (“sad trombone”) password, try Steve Gibson’s Ultra High Security Password Generator. Or you could use Secure Password Generator. This site also features some security tips. This person does not like using dictionary words at all.

You could also create a password on Linux or cygwin on the command line. Here is a command that will create a 16-character random string with upper- and lower-case letters, numbers, and the characters “_”, “+” and “-“:

Put that in your .bashrc file (command based on information here, here and here).

You can also do this on Windows 10 in the PowerShell (see this page on Microsoft’s web site). Save this in a file with a “ps1” extension:

“join” puts it all on one line. The ranges and numbers are ASCII characters (see this chart). So you are sending characters to the get-rand function 15 times.

Steve Gibson also has a password checker on his site. You can save that and use it.

You’re welcome.