|
From: | Ineiev |
Subject: | Re: [Savannah-users] password must be more complicated |
Date: | Tue, 07 May 2013 13:53:15 +0400 |
User-agent: | Thunderbird 2.0.0.24 (X11/20100623) |
On 05/07/2013 11:48 AM, Bob Proulx wrote:
But playing around with things I find some crazy behavior. Check this out. I ran pwgen to create random passwords. I tried some. The first several I tried failed. Others did work. $ echo ohtaOe0h | pwqcheck -1 max=256 min=disabled,24,11,8,7 Bad passphrase (based on a dictionary word and not a passphrase) $ echo uChiel9m | pwqcheck -1 max=256 min=disabled,24,11,8,7 Bad passphrase (based on a dictionary word and not a passphrase) $ echo Iephoo3i | pwqcheck -1 max=256 min=24,24,11,8,7 Bad passphrase (not enough different characters or classes for this length) $ echo ox8iChae | pwqcheck -1 max=256 min=24,24,11,8,7 OK
pwgen -1 -s 8 10000|while read i;do echo $i|pwqcheck -1 min=24,24,11,8,7;done |grep ^OK|wc -l 8698 pwgen -1 -s 9 10000|while read i;do echo $i|pwqcheck -1 min=24,24,11,8,7;done |grep ^OK|wc -l 9334 Of course, an independent generator will produce some passwords that don't pass pwqcheck criteria, but IMHO the results are reasonable (provided the goal is to eliminate weak passwords rather than to accept all pwgen-generated ones).
[Prev in Thread] | Current Thread | [Next in Thread] |