A whole bunch of password generator websites have popped up, purporting to be able to help generate strong passwords for you. Browsers such as Chrome and Firefox have also added their own built-in password generators and there are apps and browser extensions aplenty offering to make the worlds strongest password.
I don’t trust any of them! Maybe I’m just paranoid but I prefer to generate my own passwords. I just need to ensure my passwords contain sufficient entropy.
First, you will need a decent-sized dictionary or word list. Borrow one from
/usr/share/dict, for example,
Next, unless you like typing obscure one-liners into the terminal, do yourself a favour and add an alias. An example is:
alias pgen="shuf -n 4 /usr/share/dict/english | xargs -d '\n' echo | tr ' ' '-'"
When the alias
pgen is typed into the terminal, it executes a shuffle with
shuf, returning 4 random words from the dictionary. It then
displays them with a hyphen as a separator between each word. Some examples of
pgen #output Navarro-scrupulously-romanced-controverts rabbi's-antitoxin-entertainments-sham rink's-exes-byway-speedster Wolfe-nephritis-flouncing-Harrington crow-miles-passionless-floodlighting
Notice how some lines do not contain any uppercase letters and there are no number characters. It is good practice to use mixed-case letters and numbers in passwords, so manually insert or substitute some, if preferred. That said, the entropy score on the above examples is already off the charts and these passphrases are considered just as secure as this one: