Password Generator

Sam Ruby links to Nic Wolff’s javascript password generator. While it’s super cool and all — I mean, there’s a screencast! By Jon Udell! — the actual password algorithm is kinda stupid, in that it generates only 4bn unique passwords. That may seem like a lot, but for computers it’s not.

For a less UI-savvy password generator with a better algorithm, check out Javascript password generator. It uses SHA-1 instead of MD5, and base64 digest instead of hex. Result? Stronger passwords.

This entry was written by David Terrell and posted on May 3, 2005 at 8:30 pm and filed under tech. Bookmark the permalink. Follow any comments here with the RSS feed for this post. Post a comment or leave a trackback: Trackback URL.

3 Comments

  1. Christopher Stillson
    Posted May 4, 2005 at 12:20 pm | Permalink

    I thought sha1 had been broken?

  2. dbt
    Posted May 10, 2005 at 1:54 pm | Permalink

    not in any way that would affect this. the attacks on SHA1 are ones that might possibly let you forge cryptographically signed messages, but they certainly won’t let you guess the original plaintext, which is what you’d need to do to crack this password generation algorithm.

  3. bob
    Posted February 21, 2006 at 8:59 pm | Permalink

    how do u crack a simple password… like a program that automaticly guesses and tries passwords until it gets it right?

One Trackback/Pingback

  1. By ((meatspace)) » Blog Archive » New password generator on 15 May 2005 at 11:57 pm

    [...] name”)=>base64=>custom password. Changing the secret would be a bitch, though. See password generator for the inspiration. This entry was posted [...]

Post a Comment

Your email is never published nor shared. Required fields are marked *
*
*