Generating secure passwords

Published: Thu 12 May 2022
Updated: Sat 11 February 2023
By George Macon

In Code.

I’ve used password managers for many years now, and they have many security benefits, including secure password generation. One pain point is, and always has been, that websites have random rules for what constitutes an “acceptable” password. I’ve ended up with an extremely basic solution: a shell:

tr -cd '!-~' </dev/urandom | head -c 16

That example gives a random password consisting of all printable ASCII characters uniformly. Here’s an example I used recently for a site that only accepted a subset of special characters:

tr -cd 'a-zA-Z0-9!@#$%^&*' </dev/urandom | head -c 16

This doesn’t help with other rules, like “you must include one character of each type” or “you can’t include more than three characters of the same type in a row”, but I can usually just draw a couple times until the conditions are all satisfied.

links

social