LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   creating passwords (https://www.linuxquestions.org/questions/linux-security-4/creating-passwords-4175482861/)

danimalz 10-30-2013 10:42 PM
creating passwords
 
I am trying to come up with a way to create secure passwords thru a process.

Heres the idea, what do you think?

it is easy to associate an image file with a service. For example you could do a screenshot of a particular website. The resulting png file would be the reminder image. You'd do this for each different site you authenticate to.

Then, for added security, you'd have a single 'seed' file, this could also be an image (image of a seed, for ex.)

to generate a password, you could do:

cat file.png seed.jpg | md5sum

the result would be your password.

if you ever needed to change your passwords, you'd only need to regenerate them by using a different seed.jpg

The files themselves could be stored obscurely in whichever place you want or on a usb stick, etc.

what do you think?

pan64 10-31-2013 02:40 AM
the problem is that you need to have exactly the image anywhere, anytime (removing-modifying one single pixel will cause different checksum)

nickmh 10-31-2013 04:47 AM
Passwords?
 
Password Card any good to you?...

passwordcard.com

saavik 10-31-2013 07:10 AM
Quote:
Originally Posted by nickmh (Post 5055763)
password card any good to you?...

Passwordcard.com
cool! Thx!

sundialsvcs 10-31-2013 06:19 PM
There are also a variety of software "digital certificate" technologies ... such as OpenSSL ... which in fact can be used (and are used) for digital authentication as well as for encryption. There are many ways to issue unique, non-forgeable credentials ... "passwords" are passé ... and to use them in applications and so-forth.

John VV 10-31-2013 08:27 PM
pick a book you like
go to chapter ?
read the first line
-- remove blank spaces and capitalize the first letter of each word

that is the pass phrase


-- simple

taylorkh 11-06-2013 08:19 PM
How about this...

Take some random binary file - a picture, mp3, executable, etc. uuencode the binary file to produce a file of printable characters. Parse out the desired number of columns. Change or two of the alphabetic characters to lower case (uuencode produces all caps) and this is your password list. I did this a while back to generate passwords for various on-line uses such as this forum. They look like decent passwords to me. Letters, numbers, special characters just like we are supposed to use.

Ken

adampski 11-07-2013 05:41 AM
Good idea, but...
 
Quote:
Originally Posted by John VV (Post 5056241)
pick a book you like
go to chapter ?
read the first line
-- remove blank spaces and capitalize the first letter of each word

that is the pass phrase


-- simple
I think this idea is the best solution.

Other ideas put forward have heavy dependencies and assumptions that the contents of particular files (that are the composition of the password) do not change; where this can happen more often than you may think, due to corruption, accidental modification (not just by you but the OS and other users too) and simple carelessness.

I suggest simple carelessness because the OP suggested to combine two files and generate a checksum of the resulting value, in the CLI. Where your history and results are recorded and printed to your hard disk/display.

It's a good idea, but the risks out weigh the benefits and also has no difference to just having an encrypted password file.

Only two things are infinite, the universe and human stupidity, and I'm not sure about the former. - Albert Einstein


All times are GMT -5. The time now is 04:32 PM.