xkcd is right that we use passwords which are hard to remember, but easy to crack with computers. Recently my oldest password (the master password for my KeePass file) got compromised, so I suddenly got interested in generating a password that is hard enough, but not easy to remember. I could use some online services that generate an xkcd-inspired password like that, but I don’t really trust passwords generated on other people’s machines. Luckily I have huge collections of words on my machine, so here is this one liner instead:

cat /usr/share/myspell/en_US.dic | ruby -ne 'puts $_[/^[^\s\/]+/]' | ruby -e 'require "securerandom";puts $<.sort_by{SecureRandom.random_number}.take(4)' | tr '\n' ' ' && echo ''

And if 492704 bits aren’t enough for you as entropy, then just be multilingual:

cat /usr/share/myspell/en_US.dic /usr/share/myspell/hu_HU.dic | ruby -ne 'puts $_[/^[^\s\/]+/]' | ruby -e 'require "securerandom";puts $<.sort_by{SecureRandom.random_number}.take(4)' | tr '\n' ' ' && echo ''

(I also wanted to add the German dictionary, but that seems to have some encoding problems.)

EDIT: using secure random instead of a simple shuf

Leave a Reply

Your email address will not be published. Required fields are marked *