16.03.2010 12:35
|
#7
|
Imperium of Man
Inquisitor
Сообщений: 5,990
+ 5,680
4,442/2,033
– 128
137/102
|
Цитата:
Сообщение от Maksud Dadaboev
Предпочитаю пароли типа gthtljvyjqk.,jqafrbhyeghjcnjrfhkbr Тоже не подбирается, зато нет необходимости держать файл с паролем под рукой, набирается по памяти
|
Подбирается... есть хорошие русские словари, набранные такой манерой (да и скрипт, "меняющий раскладку" словаря несложно написать.)
Юзайте apg, и будет счастье
Цитата:
APG(1) User Manual APG(1)
NAME
apg - generates several random passwords
SYNOPSIS
apg [-a algorithm] [-M mode] [-E char_string] [-n num_of_pass] [-m min_pass_len] [-x max_pass_len] [-r dictfile] [-b filter_file] [-p min_sub‐
str_len] [-s] [-c cl_seed] [-d] [-y] [-l] [-t] [-q] [-h] [-v]
DESCRIPTION
apg generates several random passwords. It uses several password generation algorithms (currently two) and a built-in pseudo random number generator.
Default algorithm is pronounceable password generation algorithm designed by Morrie Gasser and described in A Random Word Generator For Pronounceable Passwords National Technical Information Service (NTIS) AD-A-017676. The original paper is very old and had never been put online, so I have to use NIST implementation described in FIPS-181.
Another algorithm is simple random character generation algorithm, but it uses four user-defined symbol sets to produce random password. It means that user can choose type of symbols that should appear in password. Symbol sets are: numeric symbol set (0,...,9) , capital letters symbol set (A,...,Z) , small letters symbol set (a,...,z) and special symbols symbol set (#,@,!,...).
Built-in pseudo random number generator is an implementation of algorithm described in Appendix C of ANSI X9.17 or RFC1750 with exception that it uses CAST or SHA-1 instead of Triple DES. It uses local time with precision of microseconds (see gettimeofday(2)) and /dev/random (if available)
to produce initial random seed.
apg also have the ability to check generated password quality using dictionary. You can use this ability if you specify command-line options -r dictfile or -b filtername where dictfile is the dictionary file name and filtername is the name of Bloom filter file. In that dictionary you may place words (one per line) that should not appear as generated passwords. For example: user names, common words, etc. You even can use one of the dictionaries that come with dictionary password crackers. Bloom filter file should be created with apgbfm(1) utility included in apg distribution. In future releases I plan to implement some other techniques to check passwords (like pattern check) just to make life easier.
|
Цитата:
$ apg sdfsdafsdafadsf
CeejLitIcs
ZyrivCyd
HybesVin
HosAkTijfo
ivKattib
'DradyeOwf
|
|
|
Ответить
|