Secure password generation...blasphemy!
RW
rwmaillists at googlemail.com
Tue Aug 4 22:00:36 UTC 2009
On Mon, 3 Aug 2009 22:34:27 -0400
Bill Moran <wmoran at potentialtech.com> wrote:
> Modulok <modulok at gmail.com> wrote:
> >
> > I need a way to generate a lot of secure passwords. So, I read all
> > about it. Either people are getting way carried away, or I'm missing
> > something...
>
> You could just use apg ... it's in the ports.
By the look of it this was originally DES-based, and was upgraded to use
CAST or SHA1. However the seeding from /dev/random seems to have been
left at 64 bits (the DES blocksize) plus some extra from
gettimeofday(). In practice it's probably good enough, it just seems a
bit lame.
More information about the freebsd-questions
mailing list