• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.
  • The forums have been upgraded with support for dark mode. By default it will follow the setting on your system/browser. You may override it by scrolling to the end of the page and clicking the gears icon.

RFC on my new little project.

Status
Not open for further replies.
Kreij

Kreij

Senior Monkey Moderator
Joined
Feb 6, 2007
Messages
13,817 (2.05/day)
Location
Cheeseland (Wisconsin, USA)
I'm writing a little strong password generating program for the fun of it
Here's a pic of the GUI.
Capture013665.jpg


I'm looking for input on options and rules to make it useful for variety of purposes.

Thanks!!
 
interesting enough, we use these programs to generate user passwords for users on secret / top secret networks when they create an account.

You should try to sell this to the united states army special operations command when you are done with it.
 
I was thinking about using "seeds", so you can remember your password, and store your "seed" somewhere safe. Whenever you forget your password(s), retrieve the seed, run it pass the program, and insta retrieve! Much safer than storing your actual passwords somewhere. But that sounds like another project.
 
Fourstaff said:
I was thinking about using "seeds", so you can remember your password, and store your "seed" somewhere safe. Whenever you forget your password(s), retrieve the seed, run it pass the program, and insta retrieve! Much safer than storing your actual passwords somewhere. But that sounds like another project.
Click to expand...

That's what I had planned. An encrypted file to store the data, unecrypted in the GUI.
That's easy enough to do.

But right now I'm just look for input on options/rules. The ones I have show in the GUI are some that I've run across when having to make passwords for various things, and I'm interested in if anyone has seen other options or rules that were required when creating a password.
 
How about setting the frequency of uppercase/undercase/numeric and special characters. How many of each do you want to use. Also, an option to set "X" amount of normal characters before a special character is used.
 
Thanks, CStall.

I was going to make it so there would never be more that 3 consecutive, similar "types" of characters, but your suggestion got me thinking.
I'm not sure exactly how to implement that as I don't want so many options that the user could potentially make the password less secure through less than judicial use of the options. :/

I'm also going to make the minimum password length 6, as a password length of 3 would not be considered "strong" by any means. :D

I added the "Hex Only" option in case someone wants to generate a WEP password.

I should probably use Unicode characters for localization purposes too.

I also was going to allow the user to modify the generated password before accepting it.
That too could potential create a less than secure password, but I can do a "strong check" and warn them before actually committing the password.
 
If you can implement a dictionary text file to check against, one of our requirements demands that our passwords do not spell a word, phrase, or a name.
 
Hmmm ... I should probably then prompt for the username for the site also to check for easily broken derivations of the username.
Maybe I'll just take away the ability to modify the generated password. :D
The odds of the generated password being anything like the username or a real word would be virtually none.
 
Or, you could give it a message and tell them to 'remember the password and guard it with your lives' :D
 
The passwords will be stored in an encrypted file, so they only have to remember one key to access them. Of course, if they forget the key they're up the perverbial creek without a paddle. :D
 
This is going to be encorporated into my Key-Z project.
Please use this thread to see what's going on.
 
Status
Not open for further replies.
Back
Top