![]() ![]() After initial setupĪ password/passphrase generated this way is actually going to be more secure than one that the vast majority of users would come up with on their own, but it's still bad practice to leave the password that was set at the factory (and therefore could have been seen by another person) on the device longer than needed. They're longer, but actually easier to type in most cases and definitely easier to tell somebody else to type, and still quite secure. If you want the password to be easy to say to another person / easy to remember, you could use the Diceware / XKCD method of generating passphrases (4+ randomly-chosen reasonably-common words). ![]() You could optionally use another encoding that restricts the character set to exclude hard-to-distinguish characters, or just pipe the output through tr to, so, replace the five characters listed above with #, $, %, and &. The base64 encoding will add 1/3 the to the length (9 bytes gives 12 characters) and the characters will be ASCII upper-case, lower-case, digits, and the +, /, and = characters (or you can trim the = characters, they are just padding), so make sure you use a font that distinguishes all of those characters clearly (for example, o, O, and 0 should be recognizable, as should 1 and I). In that case, anything down to about 6 bytes (change the bs parameter) will work fine. If the password doesn't need to be entered frequently, there's no reason to go with anything other than pure entropy from a secure random number generator (base64-encoded so you can print it and users can type it).ĭd if=/dev/urandom bs=9 count=1 2> nul | base64ħ2 bits of high-grade entropy is actually overkill if this password cannot be remotely accessed over the Internet. Don't use serial numbers, or anything else that is going to be within a predictable range (so this also rules out timestamps, MAC addresses, and so on) for anything related to password generation. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |