Sam Ruby links to Nic Wolff’s javascript password generator. While it’s super cool and all — I mean, there’s a screencast! By Jon Udell! — the actual password algorithm is kinda stupid, in that it generates only 4bn unique passwords. That may seem like a lot, but for computers it’s not.
For a less UI-savvy password generator with a better algorithm, check out Javascript password generator. It uses SHA-1 instead of MD5, and base64 digest instead of hex. Result? Stronger passwords.
I thought sha1 had been broken?
not in any way that would affect this. the attacks on SHA1 are ones that might possibly let you forge cryptographically signed messages, but they certainly won’t let you guess the original plaintext, which is what you’d need to do to crack this password generation algorithm.
Pingback: ((meatspace)) » Blog Archive » New password generator
how do u crack a simple password… like a program that automaticly guesses and tries passwords until it gets it right?