October 26th, 2013, 06:35 PM
Predictable password generator
Right, this is a bit of a long introductory post, so bear with me here. The program is going to be written in Python once it is done, so I figured this would be the right thread, so I could update it underways when I inevitably hit issues.
Going through my list of subscribed services that I use every day I was flabergasted – in total I use over twelve serivces a day that all require passwords to login. Naturaly I shouldn't use the same password for all and having a notebook with passwords noted down isn't a good idea (some of the services include encrypted file storage, cloud storage and email). So here is the solution I have come up with:
A predictable password generator consisting of several modules, the arranging of the modules and number of times they are run depending on the information the user enters in the four supplied fields (p1, p2, number_of_characters and profile_name).
p1/p2 would be a sentence like a joke (p1: I love cats | p2: they are great on toast) or a line from your favorite drama (p1: Fernando, the bay, she is not yours!| p2: por que, por que maria! *sob* )
number_of_characters is the length of the password (depending on the service there may be different max lenghts or perhaps you want to use a max length – 1 length password for some reason).
profile_name is a last variable that is the service you use it for (email) or the site (facebook / ...), this way you could have one phrase in p1/p2 and the same password length but with the different profile_name you would still get a different result.
The idea is to have the app on a tablet or smartphone, then use the memorable information to “generate” the random lapha-numeric-punctuation password each time it has to be entered.
I'd go more into detail about the modules and functions but for the moment I am just wondering what people think (as opposed to having a notebook with the passwords or an encrypted password file). I already have a list of pro/con but would like to hear other people's thoughts first – especially as I am far from a cryptographer/mathematician/...
October 28th, 2013, 10:50 AM
Password protection schemes often require certain characters, "must include upper and lower case and a digit", must include "#" or "$". And some sites require periodic password change. These are so common I'd want to plan for these cases in the first version of my program.
I've found another way to login to some sites---keep your email from the "I forgot my password" button and use the link they send to login. Yes, sometimes these expire.
[/code] are essential for python code and Makefiles!