1 |
On 04/02/2019 07:47, Dale wrote: |
2 |
> How do you, especially those who admin systems that are always being |
3 |
> hacked at, generate strong passwords that meet the above? I've googled |
4 |
> and found some ideas but if I use the same method, well, how many others |
5 |
> are using that same method, if you know what I mean. ;-) Just looking |
6 |
> for ideas. |
7 |
|
8 |
I don't use a password manager. For website logins, I just use the |
9 |
password manager in the browser (Firefox), which does not use a master |
10 |
password :-P I just assume my own system is not going to be compromised. |
11 |
|
12 |
For the websites I use, I generate a unique password per site using this |
13 |
command: |
14 |
|
15 |
$ pwmake 128 |
16 |
|
17 |
This generates a password using 128 bits of entropy from /dev/urandom. |
18 |
You need dev-libs/libpwquality being installed (it's a dep of something |
19 |
important, I think, so should be installed on most systems already.) |
20 |
|
21 |
For remote systems I administer through SSH, I don't use passwords. I |
22 |
use a public/private key pair to log in (4096 bits.) My private key is |
23 |
protected with a strong password though, but it's easy to remember since |
24 |
it doesn't need to change. Something like: |
25 |
|
26 |
ilp&mac4d@4*r |
27 |
|
28 |
Which is short for: |
29 |
|
30 |
I like pizza and macaroni for dinner at four star restaurants. |