Random Password Generator:

Assuming each password character is chosen from a pallet of 72 possible characters, then each time one adds a character to one's password, one makes it 72 times more difficult to break. Thus, a 15 character password is 72^7 times as hard to break as an 8 character password. That's 10,000,000,000,000 times harder to break.

A 15-character password composed only of random letters and numbers (a-z0-9) is about 33,000 times stronger than an 8-character password composed of characters from the entire keyboard.


How They Are Generated:

It would be illogical of us to fully explain this question, as that would allow folks to Reverse engineering what we are doing... which would just be stupid of us to allow - as this would jeopardize our passwords crypto-strengths!

Here is what we will share:

First we acquire some randomized numbers from Random.Org which is a service that provides truly random numbers. As they put it at their website, "RANDOM.ORG offers true random numbers that comes from atmospheric noise, which for many purposes is better than the pseudo-random number algorithms typically used in computer programs.". We will not say how many columns we use, nor what the integer values we use are, but you can generate some of your own at their website to see how it works. :)

Secondly we do some base to decimale stuff to make some changes between what random.org uses and what we need. All grunt-work-stuff on our end to make the programming-language we use happy with the stuff that random.org provides. While doing so we use throw in some additional unique randomization in order to produce a nice healthy seed.

Thirdly we take our randomized numbers and srand them just for the fun of it.

Fourthly we take the above "randomized number" -> "srand number" and seed it with the characters allowed within each section below. (i.e.: a-z, a-z0-9, a-z + 0-9 + A-Z + Symbols, a-z + 0-9 + A-Z + Symbols + Space + ANSI)

Fifth we validate that the strings are the right length. (i.e.: 6-chars, 15-chars, 124-chars) Excitting Huh!

Sixthly we validate that none of the strings contain any random characters not allowed within the given section to be passed along. (a menial task that we do just for you!)

(added: 2/3/2008) Decided to add another step of randomization for all generated passwords that are "Fairly Strong" and above. We now randomize the "available characters" (i.e.: a-z, a-z0-9, a-z + 0-9 + A-Z + Symbols, etc) rather then using a set-pattern. We should have done this from the start, but neglected to do so. This extra step should truly make the "probably unbreakable" unbreakable to most modern non-super-computers! Unsure of the bit-level increase on this (and unwilling to share further details of what we have done to protect our methodology), but it is a huge increase to the overall bit-level!


Passwords Strengths:

Below we will start by displaying some pretty worthless passwords (easily broken by a brute force attack), then move onto some more pretty worthless passwords, and work our way into more and more secure passwords. It is safe to say that the "probably unbreakable" passwords are just that... unbreakable -- even with most modern super computers. Of course, we do not place any warranty that they c/would not be... but it is highly unlikely that they could be. Of course, one has to ask, "how in the world could a person be expected to remember any of the 'probably unbreakable' passwords?" -- to which we do not have an answer. Obviously writing them down greatly increases the risk that somebody might find it and try it. Use at your own risk ;)

All that said, remember that if you are not a big-fan of passwords, there is such a thing as a Passphrase -- which many people consider to be much more secure then a password!

If one takes into consideration a modern chipset and a budget of $1 billion (100 million custom coded encryption CPU engines in parallel), with some of the most efficient brute-force systems available, it is possible to crack a 128 bit encrypted volume in only 1,000 billion years. Of course the important part to remember here is that if the encryption key is either derived from a password, or is encrypted by a hash of a password, then $12M worth of equipment should be able to crack it in about 3 hours and $1B of equipment should crack it in about 2 minutes or so.

What is key to all of this is that cracking encryption methods is not always about using brute force against keys, but rather that guessing passwords which are derived by weak password generators are much more important to realise and use. How one generates keys and what one does to protect their keys is the crucial step to any level of security. It really does not matter if a key length takes a billion years to crack if the process of guessing the password itself only takes a few hours because they are not generated correctly!


A Word Of Caution:

Obviously we are taking security seriously with the below passwords (even for the weak/worthless ones) but you should not use ANY of the below passwords that are lower in security then our "Secure" level for MS Window passwords or for WEP/WPA keys. The reason for this is that some very popular and easy to use tools already exist to acquire these with very little effort.


And Now, Here Are Some Passwords:

(don't like any... just refresh the page)



Completely Worthless: (6-chars in length, including: a-z)

vtjmwu
yjsbhi
pdunjv
qgvvka
yphwrk


Worthless: (6-chars in length, including: a-z + 0-9)

m53b8b
n56yrt
6fn8nz
ug5w83
2kpsq5


Weak: (8-chars in length, including: a-z + 0-9)

yskh2v0u
8lz1a76c
tdri6ruw
1palassj
f0uswf7f


Strong: (8-chars in length, including: a-z + 0-9 + A-Z)

wMby3umn
4ZF3wfaF
H6glbdK1
TVN3fIip
853PbmIx


Fairly Strong: (12-chars in length, including: a-z + 0-9 + A-Z)

jq1QBLRfUXli
yDlKcH1JdKlf
CwNmV3buQwGC
N5j1UVYvBRJa
5hjzZChhmqch


Secure: (15-chars in length, including: a-z + 0-9 + A-Z + Symbols)

LXVmmW3YfhV~nW
4~=T4Kkmnrb1bAc
-+lEQffu%K=#I-q
uWZIQ^XZr^NY8
SsN*iq8dTwPZkEx


Very Secure: (24-chars in length, including: a-z + 0-9 + A-Z + Symbols)

!juj-+2N#C&iEpTYjI=rAJl7
%YqXXj7pJvTcXvjqpCKdRXfT
&eri*K=Ceb-Y2reR4!wLs7jX
Zisjfbj&Juwcfjw%pcTYN*kp
-JJYTnXlqkPI-ptxl1gP5pt


Extremely Secure: (36-chars in length, including: a-z + 0-9 + A-Z + Symbols)

x%L%N1qXgnt&VQY*l5=QdgJcbqx*Ze^1fd
l=1lT&Q&&t!dkV-CLfLqPkTV!wX*=kQj=
b#%%nNJ#dx#JgRud&1ZXV8kt8c*lJJL#J%
gt8P%P^px=pc7jnt%u1Y8XPwlfgRuXxtcnn
LpJRY1r=LPkZ8!8!p&VVbqTpbfrZ1J8nx!


Probably Unbreakable: (124-chars in length, including: a-z + 0-9 + A-Z + Symbols + Space + ANSI)

dC\DkdX‡nü6ln+=t*ca¾uwTU7hT \k!KJuCqE#mQK¾Y¼6AkMìp&jT6N2SrE@Š&ivHE¾u¥PPDìŠ=ªG^©2bwŽa&@8+4V^e êeU%ŽiN¼5m!3NI¼CuBj&NVlbHNjKI

\m+XM‡¾jK88#Duu-©p1cDC8XL5wT%#ªs¼f33*VxK8M¾fbv*nq@7iY8ŠLaiŠ¼6¼ k#¥XelbªªŠCmft#=XE3cn3+dD=A¾pPt7\NU¥atüqZ8 2qTX¾t‡vtAêV

1banx3ªCøGkŽ©!B7^LøNVwC#K LhxuUêr-pìêpJ1ªŠXhAHbUb\7Cp-bTqG!!ª\x¾ªø¼ìøG@QbbjTsf-MV%B1PY3rw-2x©J©m1ütT-ªaZ%uT^tk e8GpBBP-j@4e

@¾YGødªªeulŽrPBnPa^H¾Š*L%^MNilZLt+Dª-Ed D¼ai4!BVLêpø6LbŠBH2\P3+‡*3nEA+Aøcn44Hü@KeQTdN%Zpbc‡ ‡mk1@7ìkm3ZMdM‡huGhìVamw7ø8hê

xfV1X-%e#TrJrª¼bctaMŠ-VsªaaüvQ3QZetDkq+üb7%Hvi5ªHŽ1l%fBj1qYG4Pm*e1k1GŠªs#L%+C%Eü5m+ExTG‡s2DdD4@Yª2hŠ+6T%AìQU^ªê2nüfknXZ