mkpwd

Content

  1. Content (this section)
  2. Installation
  3. Development
  4. Algorithm
  5. Security

About

mkpwd is a password generating program. It is designed to satisfy a scalable range of security demands.

It's standard behavior is to generate one password consisting of any of all printable ASCII characters (32-128) with a length between 6 and 10.

You can modify the way passwords are generated via command-line switches. You can specify a length range, the characters used and even let mkpwd generate passwords which are kind of readable and therefore easier to remember (and easier to crack either, see below). mkpwd was tested under Solaris, FreeBSD and Linux.

↑ Top of page ↑

Installation

Download the source and untar the package.
Change to the created directory and type:

# ./configure

# make and

# make install

That's all.

↑ Top of page ↑

Development

The sources are kept in a repository on sourceforge. Just checkout the sources:

git clone git://git.code.sf.net/p/mkpwd/code mkpwd

and send me diffs ;)

↑ Top of page ↑

Algorithm

The algorithm is based on the systems rand()-function (see man 3 rand) and therefore depends heavily on it's implementation. I did some testing on the output of mkpwd which is represented in the table below. I let mkpwd generate 100000 passwords with the parameters listed below. The `*' run was performed using a script-file which started mkpwd 10 times at once (i.e. nearly, started in background) and evaluated the output of all 10 instances. The numbers in the table are the numbers printed by 'uniq -d'.

Table:
run Std t1 t2 t3 t4 t5 t6 t7 t8 t9
1 0 0 0 1 8 29 505 1730 354 1
2 0 0 0 2 9 30 519 1630 315 1
3 0 0 0 2 10 26 501 1634 322 0
4 0 0 1 1 3 31 541 1595 316 0
5 0 0 1 4 12 18 521 1607 350 0
6 0 0 0 2 5 24 530 1587 357 1
7 0 0 0 1 10 33 518 1610 357 1
8 0 0 2 1 7 40 529 1652 364 0
9 0 0 0 0 8 38 546 1650 341 0
0 0 0 1 1 11 26 529 1611 345 0
* 0 0 43 171 968 2332 46558 130869 29687 41

t1: -n 10 -m 10 -t 3 -l (fixed length 10, alpha)
t2: -t 5 (alphanum-readable)
t3: -t 6 (alpha-readable)
t4: -n 6 -m 6 -t 5 (fixed length 6, aplhanum-readable)
t5: -n 6 -m 6 -t 6 (fixed length 6, alpha-readable)
t6: -n 6 -m 6 -t 5 -l (same as t4, lowercase only)
t7: -n 6 -m 6 -t 6 -l (same as t5, lowercase only)
t8: -t 4 (numeric-only)
t9: -n 10 -m 10 -t 4 (fixed length 10, numeric-only)

As you can see one gets a lot of doubles if the password length is fixed, especialy if you use a short length.

↑ Top of page ↑

Security

Generally it is advisable to use only passwords which are generated by mkpwd in it's default mode. If you use options to get rememberable ones, you also make it easier for password cracking programms to guess them. Read 'man 1 passwd' to learn more about passwords and security. If someone would try to crack passwords (e.g. with john) which were generated with mkpwd with different options I would be appriciated to see the results.



copyright © 1997-2024  Oliver Schroeder(remove XYZ)