Sunday, 31 July 2016

Generating random password with Bash

If you want to create secure and random password, you can install several software that can help you, such as:

  1. makepasswd
  2. passwordmaker-cli
  3. apg
  4. pwgen
But, what if you don't want to install all this software, and using your Bash shell instead.

You can actually do that.

The command that I commonly use to generate secure and random password is below:

cat /dev/urandom | base64 | head -n1|tr -cd '[:alnum:]'|cut -c-16

This command will generate password with 16 character. If you want it to be longer or shorter, change the last number. Beware that password less than 8 characters can be bruteforced fairly easily with modern hardware.

There are other method that use date +%s as the input source, but I would not recommend it because the number is too predictable. If a hacker knows that you generate password using the date method, he can quickly build a dictionary of password with different length and start bruteforcing your site with the dictionary.

Please test the command above, and leave comment if you have any question.