> Using a decent password generator and specifying a mix of upper and > lower case letters, digits, and special characters, how many total > characters -- as a minimum -- would you recommend such a password be?
Generate 16 random bytes, base-64 encode them, memorize the output. I use a Python script to generate high-value keys. Works pretty well wherever there's a /dev/random device that can be read. I'm sure there's a way to do it for Windows, but I almost always have a UNIX terminal handy so I haven't bothered. :) I'm presenting the script here in case someone else finds it useful, but really, it's embarrassingly simple. #!/usr/bin/env python #coding=UTF-8 # # genrandkey -- generates high-randomness 128-bit keys # # Contributed to the public domain. # # Be careful with this script: each time you run it you consume # sixteen bytes from the system's high-entropy source. Only # generate random keys when you need them! # # If you need to generate a lot of keys, you may want to use # /dev/urandom instead. The keys won't quite be of as high # quality, but should be plenty good enough for almost all # purposes. # # Usage example: # # proverbs:~ rjh$ ./genrandkey # EDTnI9Awc6Y19Rysg2+H+g== from base64 import b64encode if __name__=='__main__': with open('/dev/random') as fh: print b64encode(fh.read(16)) _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users