
Show HN: Random Password Generator - ankitpati
https://github.com/ankitpati/rpg
======
ankitpati
A command-line password generator that sources entropy from /dev/urandom
(configurable in the source to /dev/random), generates printable ASCII
passwords without whitespace, and preserves entropy with a guarantee to waste
no more than 63 bits of entropy in a single invocation on most modern
machines.

------
stephenr
How does this compare to, say, pwgen?

~~~
ankitpati
pwgen

1\. Focuses on memorable passwords, and restricts itself to fewer ASCII
characters than rpg.

2\. Makes no attempt to preserve entropy; waste of entropy is potentially
unbounded. This is a performance concern when reading from /dev/random, and a
security concern when reading from /dev/urandom.

3\. Has large source code spread across multiple files. Good for reusability
of components, not so good for auditability and security.

4\. Requires Perl and sed.

~~~
stephenr
1\. That's what the `-s|--secure` flag is for

3\. Is 1000 lines in 6 files really "large"?

4\. On Debian at least, it just requires Libc.

~~~
ankitpati
1\. Sorry, didn't know about that. Just took a cursory glance through the
source code.

3\. 126 lines in 1 file is still an order of magnitude smaller.

4\. The source has a Perl and a sed script, although they are not used in the
password generation.

(2) is still a concern, especially on servers and embedded computers.
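
An added example, not part of the thread and not rpg's or pwgen's code, illustrating the entropy-waste point (2) above. It draws printable, non-whitespace ASCII by 7-bit rejection sampling with a carried-over bit buffer, and reports how many random bits were discarded. The technique and all names (`gen_password`, `struct usage`) are assumptions chosen for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define FIRST_CHAR 0x21 /* '!' */
#define NUM_CHARS 94    /* '!'..'~': printable ASCII, no whitespace */

struct usage { int ok; size_t bytes_read, rejected; unsigned leftover_bits; };

/* Write len characters plus NUL to out, drawing 7 bits at a time from rnd.
 * Draws >= 94 are rejected so all 94 characters stay equally likely; bits
 * left in the accumulator carry over to the next draw instead of being
 * thrown away with the rest of the byte. ok == 0 means rnd ran out. */
struct usage gen_password(const uint8_t *rnd, size_t rnd_len, char *out, size_t len)
{
    struct usage u = {0, 0, 0, 0};
    uint32_t acc = 0;   /* low `have` bits are unused random bits */
    unsigned have = 0;
    size_t n = 0;

    while (n < len) {
        while (have < 7) {
            if (u.bytes_read == rnd_len) return u;
            acc = (acc << 8) | rnd[u.bytes_read++];
            have += 8;
        }
        have -= 7;
        unsigned v = (acc >> have) & 0x7f;
        if (v < NUM_CHARS) out[n++] = (char)(FIRST_CHAR + v);
        else u.rejected++;   /* 7 bits discarded to avoid modulo bias */
    }
    out[len] = '\0';
    u.leftover_bits = have;
    u.ok = 1;
    return u;
}

int main(void)
{
    /* Pre-reads a fixed 64 bytes for simplicity; bytes past bytes_read go unused. */
    uint8_t rnd[64]; char pw[17];
    FILE *f = fopen("/dev/urandom", "rb");
    if (!f || fread(rnd, 1, sizeof rnd, f) != sizeof rnd) return 1;
    fclose(f);
    struct usage u = gen_password(rnd, sizeof rnd, pw, 16);
    if (!u.ok) return 1;
    printf("%s\nconsumed %zu bytes, discarded %zu bits\n", pw, u.bytes_read,
           u.rejected * 7 + u.leftover_bits);
    return 0;
}
```

Rejected draws still cost 7 bits each, so this sketch does not by itself bound total waste; it only shows where the discarded bits come from and how to count them.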

