I'm chasing online for a pw generator to put in the hands of our users, but all I have found so far is missing something. I get the feeling that you would be the man to create the dream generator based on Stanford password policy and Diceware wordlists, generating four passwords to choose from:

9-11 characters containing mixed case letters, numbers and symbols.
12-15 characters (3 words) with mixed case letters and numbers.
16-19 characters (words) with mixed case letters.
20+ characters with just lowercase words.

Think many happily would pay to get it on their intranet. Right?
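
An added sketch of the four-tier generator requested in the comment above (not code from the article or from any commenter). The 24-word list is a constructed stand-in for the 7776-word Diceware list, and all function names are hypothetical.

```python
import secrets
import string

# Constructed stand-in list (4-5 letter words); load the real 7776-word
# Diceware list in practice, where each word is worth about 12.9 bits.
WORDS = ("acid amber bison cedar delta ember flint grape haze ivory jolt kelp "
         "lemon mango nylon opal pixel quilt raven sable tulip umbra vivid wren").split()
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)

def _until(make, ok):
    """Draw fresh candidates from the CSPRNG until one satisfies the policy."""
    while True:
        candidate = make()
        if ok(candidate):
            return candidate

def tier_random(lo=9, hi=11):
    """Tier 1: random characters; every class must appear at least once."""
    alphabet = "".join(CLASSES)
    def make():
        n = lo + secrets.randbelow(hi - lo + 1)
        return "".join(secrets.choice(alphabet) for _ in range(n))
    return _until(make, lambda p: all(any(c in cls for c in p) for cls in CLASSES))

def tier_words(count, lo, hi, capitalize=False, digit=False):
    """Tiers 2-4: concatenated words, optionally capitalized, optionally one digit."""
    def make():
        parts = [secrets.choice(WORDS) for _ in range(count)]
        if capitalize:
            parts = [w.capitalize() for w in parts]
        if digit:  # the digit goes at a random word boundary
            parts.insert(secrets.randbelow(count + 1), str(secrets.randbelow(10)))
        return "".join(parts)
    # Length filtering rejects some draws, so entropy is below
    # count * log2(len(WORDS)); size the word count with that in mind.
    return _until(make, lambda p: lo <= len(p) <= hi)

def four_choices():
    """One candidate per tier of the policy in the comment above."""
    return [
        tier_random(9, 11),
        tier_words(3, 12, 15, capitalize=True, digit=True),
        tier_words(4, 16, 19, capitalize=True),
        tier_words(5, 20, 10**6),
    ]

if __name__ == "__main__":
    print("\n".join(four_choices()))
```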

By: Bo Kersey Wed, 13 Jun 2018 20:15:45 +0000 Aaron, as always your articles are informative, fairly concise and you do a great job of making the complex easier to understand.

One typo that I found... s/eded/ed/ over the page and you'll fix it 🙂


By: Alexander Boese Wed, 13 Jun 2018 03:09:12 +0000 I created a password generator tool that uses cryptographically secure hashes for generation. Would you mind looking at it and giving me feedback? If you think it's any good, I can share the generation code, though I'm trying to get more reviews prior to releasing as open source.

DyfynderX on iOS

Thank you.

-Alex Boese

By: guest Sun, 27 May 2018 17:52:36 +0000 I'd definitely suggest looking at 's idea of Readable Passphrases, which generates a syntactically valid (nonsense) sentence. It's my personal favorite that I've seen -- I find them EXTREMELY memorable, and I'd like to see more people use that.

By: Michal from Sun, 13 May 2018 16:47:02 +0000 To be honest, I never thought about it this way. Referring to WordPress sites, I used brute-force protection provided by premium extensions and a key weification tool that forbids using weak passwords. What's more, I blocked countries known as sources of common attacks and developed a policy of auto-banning repeat offenders.

I'm a programmer but need to escalate the topic. Thanks!

By: Michael Thu, 03 May 2018 14:49:41 +0000 How about adding KeePass to your chart?

By: xeni Wed, 25 Apr 2018 07:08:14 +0000 The more random and mixed-up you make it, the harder it is for others to crack. Mind you, if your password is compromised, the password crackers will even take over your identity.

I wrote an article on Best Passwords to use

By: Conor Mon, 23 Apr 2018 20:48:39 +0000 Thanks for taking the time to conduct this research and then share it with the community!

I see LastPass and Dashlane in the spreadsheet, but not 1Password or Keeper. Any chance you'd consider reviewing them and adding them to the spreadsheet?

By: Adrien Mon, 23 Apr 2018 18:53:44 +0000 For Server vs. Client Generation, you can use something like uMatrix for Firefox, and disallow any XHR for the page. In this case, the JavaScript can do a lot, but not communicate with a remote server.
Unless there is some unknown avoidance method I'm not aware of.

By: guest Mon, 23 Apr 2018 16:28:00 +0000 1. Block unused IP ranges and system processes with a firewall.
2. Track your own internet connection, for example from your own router, and from your own computer. You will see how tight the firewall is and which processes use your internet.
3. If you can, use a GPG key; this is a password but longer.
A GPG key can be stolen, but so can a password. You can enable a system notification for when the key is used. But for this to make sense, you need to protect the system from edits to system files.
4. If you can, keep track of when your password is used, because a password and a key do not give safety. Only the address gives security, when it can only be yours and when nobody can use your computer to use your address.
For example: when you write in a chat, someone may impersonate a friend. When you call a friend on the phone, even if someone else takes over the phone you will recognize him by his voice, because usually you know his voice very well, and often also from real life. In a chat, if it is not with video and sound, what will you see? Tahoma or another font, which 1 billion people or more use?