High quality, simple random password generator

Question

I\'m interested in creating a very simple, high (cryptographic) quality random password generator. Is there a better way to do this?

import os, random, strin         


        

Answer 1

I love linguistics, in my approach I create memorable pseudo words with high level of entropy by alternating consonants & vowels.

• Not susceptible to dictionary attacks
• Pronounceable and therefore good chance to be memorable
• Short passwords with decent strength
• Optional parameter to add a random digit for compatibility (less memorable, but conforms to apps built with the old password security thinking, e.g. requiring a digit)

Python code:

import random
import string


def make_pseudo_word(syllables=5, add_number=False):
    """Create decent memorable passwords.

    Alternate random consonants & vowels
    """
    rnd = random.SystemRandom()
    s = string.ascii_lowercase
    vowels = 'aeiou'
    consonants = ''.join([x for x in s if x not in vowels])
    pwd = ''.join([rnd.choice(consonants) + rnd.choice(vowels)
               for x in range(syllables)]).title()
    if add_number:
        pwd += str(rnd.choice(range(10)))
    return pwd


>>> make_pseudo_word(syllables=5)
'Bidedatuci'
>>> make_pseudo_word(syllables=5)
'Fobumehura'
>>> make_pseudo_word(syllables=5)
'Seganiwasi'
>>> make_pseudo_word(syllables=4)
'Dokibiqa'
>>> make_pseudo_word(syllables=4)
'Lapoxuho'
>>> make_pseudo_word(syllables=4)
'Qodepira'
>>> make_pseudo_word(syllables=3)
'Minavo'
>>> make_pseudo_word(syllables=3)
'Fiqone'
>>> make_pseudo_word(syllables=3)
'Wiwohi'

Cons:

• for Latin and Germanic language speakers and those familiar with English
• one should use vowels and consonants of the language predominant with the application users or focus group and tune