Generating a password is alway a tradeoff between complexity for security and easy to remember for user convenience. One of the best trade off, is probably the idea of “pronounceable” passwords. A “pronounceable” password is a password that is not a combination of know word but is still prounouceable. Being not a combination of know word make it non vulnerable to dictionary attack and being pronounceable make it rather easy to understand.
The idea was first described in the paper:
Gasser, M., A Random Word Generator for Pronouncable Passwords, MTR-3006, The MITRE Corporation, Bedford, MA 01730, ESD-TR-75-97, HQ Electronic Systems Division, Hanscom AFB, MA 01731. NTIS AD A 017676.
Since then many password generator have been using this idea. I came across a very good implementation available in many flavor (C, java) for english here:Password Generator. So next time you have to generate a password, take a look at it, it really a valuable tool.
0 Responses to “Password Generator”