Re: FAQ: How can I generate good strong passwords?
In message <bfgu02p4ih4b13gr6ovu1caevefenng1gf@4ax.com>, Gordon
<gordonlr@DELETEswbell.net> wrote:
> >If you want to generate "good strong passwords"
> >dd if=/dev/urandom bs=128 count=1|uuencode /dev/stdout
> >and take a string of 20 or more characters from the second line to use as your
> >password.
> >
> >Of course you will never remember it. So you will need passwordsafe.
> >
> >>* NOT <http://www.passwordsafe.com/>
> >
> I perceive the question the same way you seem to. How to generate
> good strong passwords that one can easily remember without having
> to write them on a Post It note and stick it under your keyboard.
>
> My approach to this is to use an old song book. Choose a familiar
> song then use the song/hymn number and verse number in
> conjunction with the first letters of the words in that verse.
>
> This produces a mixture of digits and text that can be as long as
> you need. It is easy to remember, but would be nearly impossible
> for anyone less than perhaps the FBI to crack.
--
That'll work.. I also like using a full random string with a mix of
upper/lower case, numbers, special characters, etc.
True and somewhat funny story of how I used to generate random strings for
WPA, but still be able to 'recover' them without storing them in plain text
(written down or worse stored on a computer). Came across a program that
worked with one of my fingerprint scanners to generate strings. The seed
value was from a phrase you wanted to use, which I would choose something
that was relatively easy to remember but still mangled it up a bit. Yeah,
there are still a bunch of problems with this approach (is the program truly
generating random strings, is it storing them -- it said it didn't and as
far as I could tell, it didn't, and if you are really paranoid -- is the
program 'phoning home' your generated string, lol).. Then of course,
keyloggers could compromise it, but they could compromise almost anything
anyway..
However, it did work. It worked too well even! To get the same string, you
had to put your finger exactly on the scanner as when your key was generated.
Two out of three attempts usually generated the wrong key.
The humorous part of the story, I put together some closet fileservers and
wanted to get them talking, but couldn't generate the key. I had done some
yardwork the previous day and had little cuts on my finger. Either had to
make all new keys or wait for my finger to heal.
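
Added example, not part of the original thread: a Python reproduction of the quoted `dd if=/dev/urandom bs=128 count=1|uuencode` recipe, showing that the first character of a full uuencode data line is a fixed length marker (`M`) and so should be skipped, and that each remaining character carries 6 bits. The function names are hypothetical; `binascii.b2a_uu` stands in for the `uuencode` binary.

```python
import binascii
import math
import os
from typing import List, Optional

UU_LINE_BYTES = 45  # uuencode packs at most 45 input bytes per output line


def uu_data_lines(raw: bytes) -> List[str]:
    """Encode raw bytes into uuencode data lines (no begin/end framing)."""
    lines = []
    for i in range(0, len(raw), UU_LINE_BYTES):
        chunk = raw[i:i + UU_LINE_BYTES]
        # backtick=True writes a zero group as '`' instead of a space,
        # so the resulting password never contains whitespace.
        encoded = binascii.b2a_uu(chunk, backtick=True).decode("ascii")
        lines.append(encoded.rstrip("\n"))
    return lines


def password_from_random(length: int = 20, raw: Optional[bytes] = None) -> str:
    """Take `length` characters from the first data line of the output."""
    if raw is None:
        raw = os.urandom(128)  # same amount as bs=128 count=1
    first = uu_data_lines(raw)[0]
    # first[0] encodes the line length ('M' for a full 45-byte line).
    # It is identical on every run and adds no entropy, so drop it.
    body = first[1:]
    if length > len(body):
        raise ValueError("not enough encoded characters on the first data line")
    return body[:length]


def entropy_bits(length: int) -> float:
    """Each uuencoded character represents 6 bits of the random input."""
    return length * math.log2(64)


if __name__ == "__main__":
    pw = password_from_random(20)
    print(pw, "(%.0f bits)" % entropy_bits(len(pw)))
```

The first data line is the "second line" of real `uuencode` output, since the `begin 644 /dev/stdout` header comes first.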