You can let xkcdpass compute randomness alias entropy in bits by adding the verbosity option -V. It may vary between persons (and groups of people, if you are considering how to set a policy or custom tool for an organization).

- higher number of words that are common and easy.
- lower number of words that are strange and complicated.

Do not tamper with the random process by selecting or modifying the password manually.

At this Ubuntu help wiki page: The XKCD method - xkcdpass you can find a

- Custom word list - 'word-list.txt'
- Useful command-lines with xkcdpass

Decide what works best for the security level you need in your particular case,

The important thing for the security is not the words themselves, but that you let a random process (for example dice) or a good pseudo-random computer process select the words.

As usual, you should only use reliable web sites. You can download such a list (check that it consists of unique words and is long enough, at least 2048 words = 2^11 words, which corresponds to 11 bits of entropy).

Downloading, checking and using such a file from the internet should be safe.

Now you can run your shuf command line to test the pruned word lists,

    # print four random words from each pruned list, joined on one line
    for i in *pruned*
    do
      echo "$i:"
      shuf -n4 "$i" | awk NF=NF RS= OFS=' '
      echo "-"
    done

But I would prefer xkcdpass.

The shellscript will find the default word lists and also word lists for xkcdpass and cracklib, if installed.

    Prunedlist="$-pruned.txt"
    echo -n "Total number of words in list: "
    echo -n "Used lower case words ( 4 < length < 10 ): "
    $(find /usr/share/dict/ /usr/lib/python3/dist-packages/xkcdpass/static -type f -size +10k) \

You need other information to remove uncommon, difficult and potentially offensive words, or you can do it manually. But there is no sorting of these files according to how easy to accept they are. You get only lowercase words, which makes the typing easier (special characters are removed) and only words in the interval letters (not too short, not too long).
The following shellscript pruner might help.

You can create such a list yourself (and in your own language, and remove words with special characters, because they might cause problems with some software).

It will make it easier to accept, remember and spell the password/passphrase, if you use a list of the most common words, where the words are selected for this particular purpose.

Of course, if you like such words, you can add them to your own word list :-) but don't force them onto other people.

Your name, city or other personal data might be selected from the word list in an extremely rare case, but more often you might be offended by a political, ethnical, religious, sexual or generally rude word.

Using a big word-list provides more entropy per word, but chances are that you or users in the group, whose IT security you are managing, refuse to use the first offered password/passphrase.

In order to preserve randomness, entropy, it is very important that you accept the first offered choice, and the word list can make a difference.

The human aspect

Considering the human aspect it is important that you can

Otherwise the entropy decreases (often more than you would think), and your security level will be lower.

Use a method that provides sufficient randomness alias entropy, often measured in bits.

Accept the first offered choice from the random process.
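
The pruning and checks described above, as an added shell example that is not the pruner script from the original page: it keeps lowercase words with 4 < length < 10, verifies that a list has unique words and at least 2048 of them, and reports the entropy of a passphrase drawn from it. The function names and the sample words are made up for this example.

```shell
#!/bin/sh
# Added example, not the original pruner script. Function names are hypothetical.

# Keep only all-lowercase a-z words with 4 < length < 10, de-duplicated.
# LC_ALL=C makes [a-z] mean plain ASCII, so accented letters, capitals,
# apostrophes and other special characters are dropped.
prune_wordlist() {   # usage: prune_wordlist INPUT OUTPUT
    LC_ALL=C grep -E '^[a-z]{5,9}$' "$1" | LC_ALL=C sort -u > "$2"
}

# Entropy in bits of NWORDS words drawn uniformly at random from LIST:
# NWORDS * log2(number of words in the list).
entropy_bits() {     # usage: entropy_bits LIST NWORDS
    awk -v n="$2" 'END { if (NR > 0) printf "%.1f\n", n * log(NR) / log(2)
                         else print "0.0" }' "$1"
}

# Check the two properties the text asks for before using a list:
# every word is unique and there are at least 2048 (2^11) words.
check_wordlist() {   # usage: check_wordlist LIST ; exit status 0 if OK
    total=$(wc -l < "$1" | tr -d ' ')
    distinct=$(LC_ALL=C sort -u "$1" | wc -l | tr -d ' ')
    [ "$total" -eq "$distinct" ] && [ "$total" -ge 2048 ]
}

# Demo on a constructed sample (made-up input, not a real word list).
demo_dir=$(mktemp -d)
printf '%s\n' apple Apple "don't" tree horse horse correct battery staple \
    extraordinarily > "$demo_dir/sample.txt"
prune_wordlist "$demo_dir/sample.txt" "$demo_dir/sample-pruned.txt"
echo "kept $(wc -l < "$demo_dir/sample-pruned.txt" | tr -d ' ') words," \
     "$(entropy_bits "$demo_dir/sample-pruned.txt" 4) bits for 4 words"
if check_wordlist "$demo_dir/sample-pruned.txt"; then
    echo "list OK"
else
    echo "list too short or not unique: do not use it"
fi
rm -rf "$demo_dir"
```

The entropy figure only holds when the words are picked by the random process (shuf or xkcdpass) and the first offered result is accepted.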