seeking pronouncable password generator for Ubuntu
I've read {(blush) but cannot recover the webliography} that longer passwords are better, but they are harder to remember. More reading {and blushing} tells me that one might make passwords memorable if you can projounce them somehow. Consider http://webpages.math.luc.edu/~vande/jabtext.html as pronouncable nonsense.
Using words from this poem is common and not recommended. I offer this for examples of "pronouncable."I want a password generator, using English-like sounds, that create a random set of syllables for each word and offers a short list of words that comply with the prevailing password policy for length &c. The end-user would then pick one word for their new password, or select for a replacement list. Q1: Does anyone know about this sort of code fragment to generate "pronouncable" passwords? Q2: Can anyone suggest how to best integrate this into the Ubuntu(gnome) or Kubutu(KDE) desktop? Q3: Can anyone suggest how to integrate this into a web site like WordPress or Joomla! for end-user authentication? Cheers, ~~~ 0;-Dan |
Quote:
If I could humbly suggest a contrived example algorithm to consider (change to suit your tastes):
Now combine them, like so: <food> + <number> + <cartoon_character> + <number> + <film> Examples:
Most humans can remember a series of words that are somewhat meaningful to them. |
If I'm understanding you correctly, you're suggesting using pronounceable but non-real words. I think that's a bad idea. Whilst people may be able to remember how to pronounce the word, they may not remember the spelling. They're more likely to remember the spelling if it's a real word. Though anomie has already covered the problem of using real words in passwords.
If you want an easy way to get real words, try looking at the words file. On my openSuSE system it's located at /usr/share/dict/words but it might be somewhere else on Ubuntu. If you can't find it look for package called words in the repos. The words package contains American English but there are also region specific versions - look for appropriately named packages. You can quickly grab a random word using shuf Code:
me@mine:~> shuf -n1 /usr/share/dict/words Code:
me@mine:~> grep -v "'" /usr/share/dict/words | shuf -n1 |
My favorite (memorable) password generation method (not my idea) is to take a memorable phrase and use the first letters from each word.
So "I bet NO-ONE in their right mind will guess this password" becomes "ibnoitrmwgtp". You can extend it with capitals and letter to digit/punctuation substitution , perhaps giving "!bN-O1trmwgtp". That's just an example, but you get the idea. |
A better way to generate passwords is tie them to a phrase...
InAvRnBw'gOt2011 I Need A Vacation Right Now But Won't Get One Till 2011 Phonetic password generators tend to give you real words on occasion which means you have a dictionary word as a password... Honestly, you should use a password that looks like: C$Gsk.917xNCO3^OFiLA-VTW Use Keepass to keep your passwords in so they're all unique and you don't NEED to remember them... (works on iphone, android, windows, mac, linux, there's a portable version, etc...) |
I've merged the duplicate into this thread. In the future, please don't double post.
|
Quote:
In response to your posting, I used Advanced Search with the keywords "pronounce" and "password". The search did not even locate this thread. Even if search did not stem "pronounce" to find "pronounceable", the word "password" might have found this one. When folks -- call me a newbie if you must -- search with zero results found on a subject line, is it really productive to complain about "duplicate" postings. When I create a new thread, I always use the "check for similar" button. I {SaintDanBert} did not see any threads that I'd consider duplication. I'm trying to be a good citizen. Also, I find that one choice of subject line gets ignored while another choice addressing the same inquiry gets response. How is one supposed to re-state the original question {aka, replace the original subject line} without a second posting or similar? Teach me. I will learn. ~~~ 0;-Dan |
In response to response #3 http://www.linuxquestions.org/questi...8/#post3998193, any use of "real words" is discouraged because password cracking software uses dictionaries which contain (DOH) real words.
The idea of presenting several "word" options, is to offer the end-user the choice of items that will somehow catch their fancy ... tickles their tounge or something ... and thus is rememberable. The choice of pronouncable syllables is deterministic enough that the spelling foibles of routine English (American, British, Aussie, or otherwise) won't be an issue either. The generator would somehow avoid the common tripping points like 'receive' vs. 'friend'. Please forgive in advance if you are an expert in phonetics or linquistics.The letter 'a' may have pronounciation of 'ay' (as in 'play') or 'aa' (as in 'cat') or 'ah' (as in 'father') or 'aw' (as in 'caught'). The letter 'c' may have pronounciation like 's' or 'k'. The generator would select a random consonant and pair it with a random vowel sound to create a random syllable. For example, 'p' + 'aa' or 's' + 'ay'. After making some number of random syllables, the generator might then select one and test against the desired or required minimum length. If it is too short, select another and concatenate. When a string is long enough, report it. Repeat when there are enough samples. Capital letters might be salted in the text with punctuation salted between the syllables In ancient times, the Digital(tm) VAX/VMS utilities had the command line Code:
prompt$ # used slash for command-line options ~~~ 0;-Dan |
Quote:
I reported it, and a mod was nice enough to merge them before they turned into a vicious two-headed monster. |
Quote:
|
If this posting appears more than once, I had dropped connection troubles trying to SUBMIT ... again? ... Sorry!
Quote:
Not an excuse, but I'm using Firefox on Ubuntu Jaunty or Lucid. There is some known sluggish behavior of the browser which may have left me feeling that I had not yet touched SUBMIT. Cheers, ~~~ 0;-Dan |
... rolling my own ...
After much searching, I found this https://help.ubuntu.com/community/StrongPasswords. While it uses a different syllable
algorithm than I proposed on 11th June, it mostly does what I want. Thanks to all, ~~~ 0;-Dan |
All times are GMT -5. The time now is 02:27 PM. |