Skip to main content
Welcome guest. | Register | Login | Post

HelPass - A password generation program

6 replies [Last post]
ma_d's picture
Offline
Joined: 2006-07-07

Hi everyone,
I'm writing a password generation program in C#/gtk#. You can see/try it here: http://www.public.iastate.edu/~chris129/code/HelPass/

I'm looking for two things mostly:
1.) Someone to make an icon for it.
2.) Suggestions on, well, suggesting passwords.

And of course, volunteers to write code are always appreciated; but not expected.

tbuitenh's picture
Offline
Joined: 2005-12-21
Some suggestions: Some

Some suggestions:

Some systems have a minimum and/or maximum password length.

Some require/allow/forbid certain character classes (UPPERCASE, lowercase, numbers, other characters, space, tab) to appear in passwords.

3Leet and next letter and such make insecure passwords. Of course everyone uses them but you should have a warning against them.

Try to add a popular password guessing program into your password generator, so people can test how easy to guess their password actually is.

waylandbill's picture
Offline
Joined: 2006-07-13
pwgen

Try looking at the source code for 'pwgen' to help you out a little bit.

free-zombie's picture
Offline
Joined: 2006-03-08
"everyone" uses passwords

"everyone" uses passwords like jim1234 and j1967baker :-P
a sentence with a bit of mixed case and a few special chars should be quite good - though long more-ore-less-random passwords like pwgen creates are better.

libervisco's picture
Offline
Joined: 2006-05-04
For secure, but not so easy

For secure, but not so easy to remember passwords pwgen is quite cool. Now if you'd do something similar, but with passwords which are a bit easier to remember that could be nice. And you already have a GUI for it unlike pwgen. Smiling

ma_d's picture
Offline
Joined: 2006-07-07
Length is in the

Length is in the preferences. It uses max length to decide how good your password is (you can't get a 100% rating without a maximum length), it defaults to 14.

There's a random generator, which I'll improve because it's not particularly random yet.
There's also a method to generate passwords from paragraphs in it now.

But yes, it opens up with a warning which I should probably expand. Basically anything that's not wholly original to start with is easy to programmatically guess. I think the strength measure is good for showing strength, but maybe I should add a dictionary checker to that. If you use a dictionary word it basically gains you nothing. Although, the way the strength calculation is now you get virtually nothing for a series of letters, you have to cycle between letters, numbers, and special characters.

I don't want to do anything for restricted system (no specials or no numbers) because frankly: Anyone who codes that today should be shot. Anything should _ALWAYS_ go for passwords.

The thing with the suggestions is that most of them are "derived" which means that if you retype the same password in they'll give you the same suggestion each time. I like this for the UI consequences it has, but it doesn't generate the best passwords: Although they're marginally better than what you gave, which is the idea.
That's the trouble with mnemonics I guess. But I hope the password workshop idea would help people memorize random passwords. It gives you a place to practice typing it for a minute.

tbuitenh's picture
Offline
Joined: 2005-12-21
Still, some people might

Still, some people might want to exclude special characters from their passwords because they are hard to find on keyboards that have a "different" layout.

After getting used to them, I type my passwords automatically. I don't actually spell them in my mind, so it will be quite annoying for me to have to do so because I happen to be on a vacation and the only available computer happens to put all those specials in different places.

Comment viewing options