我正在使用命令行工具pwgen来生成密码,因为我喜欢使用sha1命令行标志获得的可重复性。引用手册页:
-H, --sha1=/path/to/file[#seed]
Will use the sha1's hash of given file and the optional seed to
create password. It will allow you to compute the same password
later, if you remember the file, seed, and pwgen's options used.
ie: pwgen -H ~/your_favorite.mp3#your@email.com gives a list of
possibles passwords for your pop3 account, and you can ask this
list again and again.
WARNING: The passwords generated using this option are not very
random. If you use this option, make sure the attacker can not
obtain a copy of the file. Also, note that the name of the file
may be easily available from the ~/.history or ~/.bash_history
file.
我正在使用它来生成(和检索)这样的密码:
pwgen -1cnsy --sha1=/path/to/my/gpg/private-key.asc#username@example.com
唯一的问题是我想不出一种方法来指定我想要密码的字符数。默认情况下,它会生成一个 8 个字符的密码,这更容易受到暴力破解。
或者,我可以使用apg,它允许我指定字符数,但我没有看到apg将文件和字符串作为种子来为我提供可重复字符的方法。
有没有办法可以pwgen生成指定长度的密码?
Gil*_*il' 13
Usage: pwgen [ OPTIONS ] [ pw_length ] [ num_pw ]
因此:
pwgen -1cnsy --sha1=/path/to/my/gpg/private-key.asc#username@example.com 42
请注意,它pwgen会很高兴地打印一个密码,该密码只要您要求,但超出某个点(由指定文件的熵确定)不会增加安全性。