BeGIN:_GENPW_8TD15uZkGtHJWL9CNMBRfGJGMTGsN1U_C8O40075DGL755dGO2JyNJoJE 8(X8u1qQaxd7zS2WcJDqB31JXU:b2V5X083N1gg0MJ51kGYtVQGBdWtE,TMAQ7Px9RF9eh DhB5TAoWBl5GCDU;)b3b98U.MJ0FxlB3Qp1XhGM0j7IGWaM9)A67QdLI!XVdORxTgjH+Yr genpw Latest Version: 0.3.0 Overview: 1. General Informations 1.1 Description 1.2 Platforms 1.3 License 1.4 Todo 2. Download 3. Changes 4. Papers 4.1 pwgen-0.1 Password Security Analysis -[ 1. General Informations ]- -[ 1.1 Description ]- genpw is a program to generate passwords. These passwords are generated using a set of charactersets with different probabilities. The usage of probabilities and different charactersets gives the user more influence on the layout and security of the generated passwords. Another feature of genpw is that it is able to use password patterns to generate passwords with a userspecified characterset layout. Please note this can lead to a security weakness if an attacker knows the pattern. In general this is a good way to tighten up user passwords which are probably easy to break by dictionary attacks, by appending a random part including special characters and numbers. genpw is able to generate random numbers and print them to stdout. This is very useful to randomize password patterns, probabilites or the length of passwords generated by genpw. -[ 1.2 Platforms ]- genpw is designed to be as platform independent as possible. Actually genpw compiles, with correct settings, on various systems. genpw is developed on a x86 GNU/Linux system and will use advantages offered by the system. Please set the #define/#undef these variables in defines.h +--------------------------------------------------------------------+ | System | USE_RANDOMNUMBERDEVICE | USE_GETOPTLONG | +--------------------------------------------------------------------+ | Linux | Supported | Supported | | BSD | Supported | Supported | | Solaris | * Supported | Supported | | Cygwin | Not Supported | Not Supported | | Other | Unknown | Unknown | | | | | +--------------------------------------------------------------------+ * = Requires some additional tools -[ 1.3 License genpw actually is licensed and will be licensed under the GPL until the end of time. If you want to know more about the GPL please take a look here: http://www.gnu.org/copyleft/gpl.html -[ 1.4 Todo ]- Here is a small snipped of my actual Todo-List for genpw: - Improving the internal design - Improving the usage of Verbosity - Implementing password strength calculation routines - ... -[ 2. Download ]- You will find a link for all downloads on the projects sourceforge.net page: http://sourceforge.net/projects/genpw -[ 3. Changes ]- Version 0.2.3 -> 0.3.0 ---------------------- - Lowered the default value of DEFAULT_DEVICE_ACCESS_COUNT - Some minor changes in random_number.c - Added the possibility to use Phonetics - Updated printHelp(...) - New Options: --phonetics / -p PHONETIC_ALPHABET Enables the use of Phonetics to print Passwords and sets the used Phonetic Alphabet to PHONETIC_ALPHABET - Two available Phonetic Alphabets: Nato, Aero (International) Version 0.2.2 -> 0.2.3 ---------------------- - Added ABORT_PROGRAM to terminate program with an errormessage and return-code -1. - assert(...) is now widely used in the code, to find bugs earlier in the development process and to document code dependencies. - Added USE_FASTER_RANDOMNUMBERDEVICE; using this option will speed up the password generation process. This option requires DEFAULT_DEVICE_ACCESS_COUNT. - Added DEFAULT_DEVICE_ACCESS_COUNT controls how often genpw will read a new initialization number from the random device. It reinitialize the pseudo random number all 1/DEFAULT_DEVICE_ACCESS_COUNT times. - USE_FASTER_RANDOMNUMBERDEVICE is activated by default! - Added DEFAULT_CHARACTER_SETS to specify the default character set table in defines.h - Removed some unused defines - Updated the manpage - Updated informations.c Version 0.2.1 -> 0.2.2 ---------------------- - getRandomNumber now (re)initializes the Random Number Generator on every call, this makes USE_NO_PSEUDORANDOMNUMBERS obsolete. - USE_NO_PSEUDORANDOMNUMBERS is not used anymore - Some structural changes in main() - It is now possible to turn on/off the default use of random length passwords via DEFAULT_USE_RANDOM_PASSWORD_LENGTH - The default maximum and minimum length of random length passwords can be set using DEFAULT_PASSWORD_LENGTH_MINIMUM and DEFAULT_PASSWORD_LENGTH_MAXIMUM - It is possible to set the default action (Generate numbers, generate passwords or no operation) using DEFAULT_OPERATION Version 0.2.0 -> 0.2.1 ---------------------- - Added the possibility to evade the use of a pseudo random number generator by setting USE_NO_PSEUDORANDOMNUMBERS. This requires USE_RANDOMNUMBERDEVICE, but creates more secure passwords. - A few minor changes Version 0.1 -> 0.2.0 -------------------- - Improved the initilization of the Random Number Generator without a Random Device - Changed the internal CharacterSet representation - Some internal improvements - USE_DEVURANDOM in defines.h is now called USE_RANDOMNUMBERDEVICE - Added the possibility to set a default Random Device, by changing DEFAULT_RANDOM_NUMBER_DEVICE in defines.h - New version system - New Options: --device / -d PATH Sets the used Random Device to PATH, if supported --random-number / -N MIN:MAX Prints a random number in the range between MIN and MAX, where MAX highest value can be (2^32)-1 (on a common 32Bit machine). If MAX is zero a number between 0 and (2^32)-1 will be generated. Version 0.1 ----------- - First public release -[ 4. Papers ]- [1] pwgen-0.1 Password Security Analysis Copyright (C) 2004 Boris Schauerte borisscha[AT]users.sourceforge.net UU449gNX(AwBJNqXPL5+06+dIRwJRRzA849Zdc0YFDcgr19j4o5552GcE31O0cCYSXoAYf K_m2s0-Y1HVv:Krg91KEz38lN5TtRMj7N0RDk9XjxyS80K_l-41IKtj4Bp3Zj6gGU9gr54 SCf9LLYErjCwkDJ4586OSi2TK6u!(C6JfIXe2e2M-a92yiOWD3tX5H4ZZ:7eV0BmCZbEOF