Command line tool to generate memorable passwords?

security linux passwords password-generation

Solution 1:

I've since moved on to XCKD style passphrases for most of my passwords. Here is a 1 liner from commandlinefu to generate a passphrase:

shuf -n4 /usr/share/dict/words | tr -d '\n'

Solution 2:

2020: I posted this answer in 2011. In the years that have passed, the face of cyber security and the demands to it have changed rapidly and enormously. As has been pointed out by anarcat, pwgen may not (or no longer) be suitable for securing high-security systems. He sets out to describe the technical details on how pwgen can, in some circumstances, use insecure methods of password derivation from available entropy in his article. Although I no longer believe in generating passwords to then try and remember them myself, I do not have the technical aptitude to validate, let alone vouch for the contents of the article as quoted so please read it and draw your own conclusions. Having said that, I am convinced that pwgen will suffice for low-security systems where attack is very unlikely.

You might want to check out the pwgen application. I know it to be available in the Ubuntu, Fedora, Debian and Suse repositories.

From the man page:

The pwgen program generates passwords which are designed to be easily memorized by humans, while being as secure as possible. Human-memorable passwords are never going to be as secure as completely completely random passwords. In particular, passwords generated by pwgen without the -s option should not be used in places where the password could be attacked via an off-line brute-force attack. On the other hand, completely randomly generated passwords have a tendency to be written down, and are subject to being compromised in that fashion.

The pwgen program is designed to be used both interactively, and in shell scripts. Hence, its default behavior differs depending on whether the standard output is a tty device or a pipe to another program. Used interactively, pwgen will display a screenful of passwords, allowing the user to pick a single password, and then quickly erase the screen. This prevents someone from being able to "shoulder surf" the user's chosen password.

Related

What is the unix command to find out what executable file corresponds to a given command?
How to interpret the output of netstat -o / netstat --timers
How to find my DHCP server IP address via a command prompt in Windows?
Synology DSM - Can't log as root (but works with admin)
How to browse the internal PDF structure in Adobe Acrobat?
"Connection refused" vs "No route to host"
How to find which package certain command belongs to on CentOS?
Why does it take so long for SQL Management Studio to connect?
Why would a RAMdisk be used today?
Microsoft Visio branching connectors
Linux command line utility to determine mp3 bitrate?
Sublime Text 2: Disable cursor position overwriting characters (like vim replace mode)