DON'T REINVENT THE COW

This is a place for Systems Administrators and IT Professionals to find and share ideas, solutions and templates. If you have something that helps you solve a problem, chances are it will help someone else too. So pay it forward and send an email to TheAgreeableCow at gmail. Full mudos to you!

Sunday, 10 August 2014

Password and Phrase Generator (using PowerShell GUI)

Creating a good password is not as easy as it used to be. Regular English words as passwords are a terrible idea and simply adding a few numbers or characters doesn't help much. The trick to creating a good password is finding the right balance between length and complexity. Here's an article on Stanford University's password policy, which is a great example of getting that mix right.

There are a bunch of password generators out there and even some phrase generators. The TAC Password and Phrase Generator will create both.

Creating Passwords

As soon as the script is run, a password is generated, based on the default settings. Simply increase or decrease the character count and select the complexity as required.


Random passwords of varying complexity from the ASCII table of acceptable password characters

Creating Phrases

Select the 'Words' radio button and increase or decrease the word count as required. By default, words are sourced from a random page on Reddit. You can of course experiment with any sub-reddit you like to theme your phrase.


Phrases from random words selected in real time from posts on Reddit.

You might have heard about the xkcd Password Generator, which is a great insight into the use of password phrases (in this case based on a small static list of common words making them easy to remember, but also easier to crack).

So why words from Reddit? Because it contains a vast and dynamic pool of words that represent the varied nature of the site itself. Once a pool of words has been randomly selected, it is then filtered to remove short words ( anything less than 4 characters), duplicates and common words.

Common Words Filter
Using ongoing samples of words from Reddit, a collection of common words is maintained and used as an exclusion list when generating phrases.

TIP! Download the latest version of the ExcludedCommonWords.txt
and save it in the same location as your PowerShell script.

The graph below shows a typical "Count of Unique Words" distribution. In this example, the common words account for around 40% of Total Words in a pool. However, as you can see they only account for a very small percentage of Unique Words. This means that phrases will be generated from uncommon words, making them harder to crack.


500 common words are automatically excluded from generated phrases

Options

Every time you hit 'Generate' another password is created. Each time it is copied to your clipboard for easy pasting into another application. Use the Mask option to hide the password on screen. The Export feature is useful for bulk transfer of passwords to another application. Please do NOT keep saved passwords in a text file for any period of time!

Please note that this tool simply provides random passwords and phrases in a novel manner. Be sensible with the passwords you choose and use them at your own risk. I am not responsible for anything that happens as a result of your password choice. 

Here's the script to the latest version (v1.3).There may seem like a lot of code here, but most of it is for the generation of the form.

 Cheers,
         (__)
         (oo)  ok
   /------\/  /
  / |    ||
 *  /\---/\
    ^^   ^^

No comments:

Post a comment