« iPhone Vodafone EDGE APN
Note: active diverts, Vodafone »

Password generator

Back in May I blogged about changing my passwords to be more mobile friendly, The year of mobile/cell? New passwords, now however, being on an iPhone, I’m on a QWERTY keyboard again. It was at this point I remembered a password generator I threw together in May/June time.

It uses quotationsbook.com’s feeds. Basically, you remember the quote, and, in-turn get a secure password. For example, search for keyword anarchy, and you’ll find the quote “Freedom without obligation is anarchy. Freedom without obligation is democracy“, which as a password is “fwoiafwoid“. So, check it out: Password Generator

Tags: , , ,

This entry was posted on Monday, October 29th, 2007 at 7:45 am and is filed under General. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

7 Responses to “Password generator”

  1. Amit Says:
    October 29th, 2007 at 7:14 pm

    great work Dave!

  2. Danny Hope Says:
    November 9th, 2007 at 12:36 am

    Isn’t this a really weak kind of password though?

  3. Dave Says:
    November 9th, 2007 at 1:40 am

    @Danny: How so?

  4. A.M Says:
    November 12th, 2007 at 12:43 am

    Good job, Dave.

    However, I agree with Danny, this is somehow a weak password.

    Why? Because of the limited (they’re relatively not that many) number of quotes (and thus the letter combinations), password generated will be easily susceptible to a “dictionary attack”. That is, simpley, trying all possible quotes.

    Still though, I may personally use it for some low-risk accounts. Thanks!

  5. Dave Says:
    November 13th, 2007 at 12:14 pm

    @A.M: I agree, but you are basically saying:

    * assuming a cracker knows you use quotes to remember your password
    * assuming it’s in databases added to ‘dictionary’ (the one I’ve used in the past isn’t)

    .. but how is a cracker going to know you use quotes to remember your password? Regardless of what technique you use to remember your password, if you tell it to the world you leave yourself less secure.

    This primarily solves users entering weak passwords leaving them open to the ‘brute force attack’, at the same time giving users a password they can remember. More importantly, it gets users thinking a little more about security.

  6. James Says:
    January 11th, 2008 at 8:45 am

    Hmm, personally now I’d think of making a script that screenscrapes quotationwhatever and just adds those quotes to the dictionary.

    Passphrases are a better idea, because they often have punctuation etc.

  7. Dave Says:
    January 14th, 2008 at 6:52 am

    @James: … read my previous comment.

Leave a Reply