GeodSoft logo   GeodSoft

Password Generator
Sample Good* Passwords
From User Controlled Patterns

sif14Lhek  giw}8Frohb  dqin7Pob  Kuh"Zak  nbil0Kpaz  vokf-=vcar  
pof$)Gjam  Wiv'Gic  reg~+Hag  doz$Mep  
Create passwords: Refresh/Reload = similar structure passwords.
See the Pattern Samples page for many examples and explanations.

Below are a few basic password creation control patterns.
Words Only Passwords from 2 to 6 character words (3+). NOT pattern based. Language unknown.
Wvv0evv0Esd Variable length psuedo word ending with symbol and digit.
Cc0vv0c0Csd1 Word like,symbol, one or more digits.
CvcnCvcn Rigid consonant, vowel, consonant, non letter, then repeated.
CvcAAAcvC Consonant, vowel, consonant, 3 random characters, repeat first 3.
Ll5Lss0d9 3 to 7 letters, 1 or 2 symbols, 1 or more digits.
aaaaaaaaaa 10 random characters, lower case letters only.
A1 Very big fully random strings.
h1 Many random 8 character hex numbers; NOT passwords.


Change options below to see different length passwords and patterns.

Look at valid pattern characters before trying your own. There are no wildcards and this does NOT use words or names.
Pattern
How many passwords?
Display across? (0 or 1)
Maximum zero characters
Zero odds
One odds
2 through 9 odds
Words Only passwords
Minimum password length
Maximum password length
Force Mixed Case (0 or 1)
Force a Digit (0 or 1)
Force a Symbol (0 or 1)
Digit sets per symbols

The user has near total control of the nature of the generated passwords. This password generator can create any type of password: monster fully random passwords, unsafe very short passwords, moderate length passwords that are highly structured or loosely structured. Now it even produces passwords made of multiple short words which are nearly always pronounceable. The user has complete control over the types of characters selected, and the probablity that any control chacacter will cause a character of the selected type to be output. Within the parameters set by the user, the selection of individual characters is random. You can even use it to generate random numbers in both base 10 and hex (but these are awful passwords).

This is a powerful, complex tool for system administrators and advanced users to create real passwords, or study the near infinte ways uncrackable but memorable passwords can be created. It is not a toy to watch the shape of character strings change. If you are generating more than one set of passwords a minute, you are wasting your time and my money. It is not possible to understand the qualities of strong passwords 8 characters and longer in 6 seconds or less each. Try to work through the actual pronunciation of each of ten, 12 character, Words Only passwords, in less than four or five minutes.

Unless followed by a numeric qualifier, each pattern character will be used exactly once to form the password, up to the maximum password length. Once the maximum password length is reached, the password is complete and any unused part of the pattern is simply ignored. There is no upper limit on how many characters a 1 qualifier may generate, except the password length. At least one is assured unless the maximum password length has already been reached. Any password less than the minimum length is discarded and a replacement generated.

Run the original password.pl for which both command line and as of late May, 2012 CGI (web) source code is available. All GeodSoft specific code has been removed and some modest enhancements made. It's not nearly as versitile as this version but is highly configurable and capable of generating an enormous universe of passwords, nearly all of which are better than people can do creating their own passwords. In this version, Cc0vcc0n2Cc0vcc0 generates the original default pattern. cvcddcvc generates the original State Department style passwords. cvcnncvc is "better" and CvcnnCvc is "still better." CVCdd is "easy" and CC0VCC0nnCC0VCC0L1 is "hard."

There is no guarantee that passwords displayed on this page are actually good passwords; also they are transmitted in plaintext over the Internet, stored in your browser cache, and you have only my assurance that they are not logged. Depending on the controlling pattern, many, often most, are actually good; approximately 20% of the passwords generated by the default settings fail the password evaluator tests. Among the many sample patterns on this and the pattern samples page a number include either consonant vowel consonant sequences, or many variations on them that may be pronounceable and have a resemblance to words. Even though the displayed characters are selected with the use of a random number generator, at times dictionary words will be displayed. Avoid these. The lengths of various sample passwords have not been increased to keep up with the speed of computers and advanments in cracking techniques from 2005 - 2012. Seven character passwords should not be considered acceptable on any but disposable accounts. Eight characters is now less than marginal for important accounts. Don't use anything less than 10, and if you want to be safe use 12 characters with all character types available on a typical 95 character keyboard.

If a word is most of a password, the password is not good. Passwords consisting primarily of two short words are not good; they are not typically bad. They just tend to be weak and may be crackable. Passwords consisting primarily of a dictionary word that has been mechanically transformed are not good. Transformations may included reversal, rotation and keyboard or ASCII shifts, substitution of similar looking numbers, and other permutations. These may be difficult to spot; normal humans cannot spot a reversed keyboard shifted word, but a password evaluation or cracking program can find it almost instantaneously. To check the quality and strength of generated passwords (or any password) use the password evaluator.

transparent spacer

Top of Page - Site Map

This page and the information on it my not be published or distributed under the terms of the GeodSoft Publication License. Copyright © 2000 - 2014 George Shaffer. All rights reserved.

 
Home >
CGI Scripts >
password.pl

What's New
How-To
Opinion
Book
                                       
Email address

Copyright © 2000-2014, George Shaffer. Terms and Conditions of Use.