Scrambled Password Generator

Not really photo editing, but still useful, especially when you need a new user ID or password for that photo sharing web site.

The password generator is a simple online tool which generates random sequences of letters and numbers. I was inspired by the approach described here for cryptographically strong passwords and the nickname generator described here.

FUMOSARI? pecitu?

Interesting words, you're thinking. Really those are just random passphrases from the password generator. (I think you'll agree they're a little easier to remember than MYHXBEYK and acjsze. Technically they're not as secure since they're not as random, but that small sacrifice might be worthwhile if you need to remember the word.)

Why you need a scrambled password

One morning I was thinking about putting a password on one of my Microsoft Office documents, and I was wondering how effective that would really be. After all, I thought, if somebody knows how to defeat the encryption scheme used by the Office application, then a password wouldn't offer much protection.

I decided to look around online to see if I could find tools to crack the encryption scheme. I came across several, including Last Bit Software which provides software and services to unlock documents and files protected by passwords. There are legitimate reasons to do this of course, one obvious reason being a forgotten password. On their site they have a nice write-up of how their software approaches the task of password recovery, as well as limitations of those approaches. There is a lot of wisdom there - several of the techniques used to get past password schemes are rendered ineffective by randomly generated passwords like the ones from here.

A Few Thoughts on Passwords

Each time you refresh the page a new set of passwords are generated. Take your pick or refresh the page to get a different set. A few things to consider:

  • More kinds of characters in the password is better
  • Longer passwords are better
  • Passwords that are words from the dictionary are easily compromised.
  • Use a different password for every on-line account you have, so that if one is compromised the rest are still safe.
  • Use the same rules for user IDs: Use a password from the tables below as your user ID! The user ID is typically stored unecrypted, so personally identifiable user IDs make it easier for a hacker to target your account if a web site is compromised.
  • Don't keep a list of your hard-to-remember passwords on your computer. It's easier for hackers to steal data on your computer than it is for them to steal data on a sheet of paper in your wallet or in your home. Store them on paper someplace safe.
  • Don't use your mouse to highlight and copy/paste the password from this page; some piece of malicious software could be 'watching'. Instead, write it on paper, and type it when you need it.