OK - was chatting to a colleague and mentioned I have 3 separate scripts I use to generate passwords - i.e. either 2, 3, or 4 dictionary words - separated by “-” dash and ending with a 2 digit number…
I plagiarised this Python script from here :
(incidentally - I only realised today - the owner of that repo must be Australian, because their repo also has the source for “webdl” which I use sometimes to grab TV shows from online Australian streamers like ABC-TV and SBS - but also some of the commercial “free to air” streaming services).
Then I noticed there was an updated version with extra added entropy goodness :
So - anyway - I mostly used the two word password version of the earlier script - and Capitalised (all CAPS) the first word and replaced the first “-” with “_”. That was manually done - decided to automate with a bash script “wrapper” with the later version of passphrasegen - but that has spaces in the generated passphrase - I don’t want that - I’m lazy - I want to double click on the output and get it in the X-Select-Buffer so :
#!/usr/bin/env bash
PROG=$(basename $0)
OS=$(uname -s)
case $OS in
Linux)
SED=sed
;;
Darwin)
SED=gsed
;;
*)
echo "this $PROG doesn't work in this O/S"
exit 1
;;
esac
# below Python script "$SNAKE" was plagiarised from https://bitbucket.org/delx/scripts/src/master/bin/passphrasegen
SNAKE=~/bin/new-passphrasegen.py
for PASS in 1 2 3 4 5
do
STRINGCNT=$($SNAKE | tail -1 |$SED 's/Passphrase\://')
FIRSTWD=$(echo $STRINGCNT |awk '{print $1}')
UPPED=$(echo $FIRSTWD |tr '[:lower:]' '[:upper:]')
LASTBIT=$(echo $STRINGCNT |cut -d' ' -f 2-|$SED 's/\ /-/g')
CAMELCASED=$(echo $LASTBIT |$SED "s/\b\(.\)/\u\1/")
FINALSTR=$(echo $UPPED"_"$CAMELCASED)
echo ---- STRING = $FINALSTR
done
The above tailoring for MacOS is 'cause the MacOS version of sed doesn’t / can’t to CamelCase per sed "s/\b\(.\)/\u\1/" - so I have to use “gsed” instead (gnu-sed - provided by HomeBrew). I agree - there’s maybe too many lines there and could be tweaked further…
I also changed the original (Python) a bit - down to 4 (from 5) words between 4 and 6 (from 3 and 8) chars (author’s original scores 82 for entropy, my version still gets 63):
I mostly use the clipboard for reading / inputting these elsewhare (kpcli can put them in the clipboard for you easily) - but - sometimes I have to type them out manually and I don’t want some impossible to type correctly string of random chars like Y#CC^ngy&yhA!466%gpL0 - and that has less entropy anyway… Also - I only have to hold down SHIFT (or set CAPS lock on) for the first word and “_” and first letter of 2nd word when I’m reduced to typing the password out - this does happen in nested RDP layers…
I take a poem that I know by heart, use the first letter of each word , permute some to capitals, and add a few numbers and specials.
Given that I know quite a few obscure pieces of poetry, that should be adequate… and I dont need a script.
I used to use just about the only bit of verse I knew by “heart” for a pass phrase - but it’s not that obscure - the first opening stanzas of Lewis Carroll’s “The Jabberwocky” :
twas brillig and the slithy toves
did gyre and gimble in the wabe
all mimsy were the borogoves
and the momeraths outgrabe
But in my use case scenario - where I have about 25 different platforms (i.e. about 10 different directory services for one customer alone) I need to change passwords for fairly often - I’d soon run out *
I have a reasonably complex passphrase I use for my encrypted LUKS partitions - not going to change them any time soon - if I mess that up - I’ll lose it
* I used to have Hamlet’s speech to his father’s ghost memorized (because I worked backstage and as an onstage extra on a production of it for 6+ weeks) - but I’ve long forgotten that monologue…
I didn’t get to play the titular “Dane” - but I was a Danish mourner at Ophelia’s funeral and had to physically restrain Laertes from attacking “The Dane”… (for those “not in the know” - that GIF is in reference to Uncle Monty - from the hilarious UK film “Withnail and I” from 1986).
It would be nice to live in a perfect world where everyone could be trusted and there was no need for this sort of rubbish.
My wife recently asked me to setup the “Hazards near me” app on her Android tablet. Simple, I thought… but no It requires a login and password before it will execute… it took half an hour to setup.
That is nonsense. There is no need for a login, it is just an information app, and an important one in some circumstances.
Passwording that is like putting a login and
password on a ‘000’ phonecall.
I have a really shitty app I use to order my meds - I’m 63 so on a range of cholesterol and blood pressure meds - also antidepressants and “helps me sleep” stuff (melatonin - but a high dose)…
The app I use is Medadvisor - to order from my list of prescriptions…
Some time ago they started “enforcing” MFA and PIN access… So I set a PIN - their shitty app is so stupid - it doesn’t jump to the next cell/field with I enter a single digit - and when I’ve entered all the correct 4 digits and press “Go” - it does sweet FA… piece of crap…
Lucky I have a computer - access to the web-app version of their garbage works and I can order my scripts… What a piece of crap! Imagine if your only internet access was your phone?
I’m thinking about taking all my prescriptions out of there and going to somewhere closer to home using the old manual methods… It’s a joke!
Yeah - I removed the app completely - re-installed and the same issue - and I’m not alone…
Here are some brief one-liners to generate random passwords with Bash. This one uses the commands shuf and head to print three random words from a dictionary file, and the Bash built-in variable RANDOM to generate a positive integer:
:
*
