On 04/02/2019 07:47, Dale wrote:
How do you, especially those who admin systems that are always being
hacked at, generate strong passwords that meet the above? I've googled
and found some ideas but if I use the same method, well, how many others
are using that same method, if you know what I mean. ;-) Just looking
for ideas.
I don't use a password manager. For website logins, I just use the
password manager in the browser (Firefox), which does not use a master
password :-P I just assume my own system is not going to be compromised.
For the websites I use, I generate a unique password per site using this
command:
$ pwmake 128
This generates a password using 128 bits of entropy from /dev/urandom.
You need dev-libs/libpwquality being installed (it's a dep of something
important, I think, so should be installed on most systems already.)
For remote systems I administer through SSH, I don't use passwords. I
use a public/private key pair to log in (4096 bits.) My private key is
protected with a strong password though, but it's easy to remember since
it doesn't need to change. Something like:
ilp&mac4d@4*r
Which is short for:
I like pizza and macaroni for dinner at four star restaurants.