|
Choosing Good Password Rules and Password generation Tools For every administrator Choosing a good password, and changing it often, will make it difficult for hackers, crackers, or even someone you know, to make educated guesses about what you've chosen. Here are some tips to help you choose a good password: Don't Use:
Do Use:
Password Generation tools in Debian Automatic password generation tools available in debian some of these tools and their brief details APG (Automated Password Generator) is the tool set for random password generation. It generates some random words of required type and prints them to standard output Check the apg man page for syntax and other details Install in Debian # apt-get install apg pwgen generates random, meaningless but pronounceable passwords. These passwords contain either only lowercase letters, or upper and lower case mixed, or digits thrown in. Uppercase letters and digits are placed in a way that eases remembering their position when memorizing only the word. Check the pwgen man page for syntax and other details Install in Debian # apt-get install pwgen Trigraph Password GeneratorThis package generates pronounceable passwords. It uses the statistics of three-letter combinations (trigraphs) taken from whatever dictionaries you feed it. Thus pronounceability may differ from language to language. Based on the ideas in Morrie Gasser's password generator for Multics, and Dan Edwards's generator for CTSS. FIPS Standard 181 describes a similar digraph-based generator, derived from Gasser's. Check the gpw man page for syntax and other details Install in Debian # apt-get install gpw Password manager with encryptionZSafe is a password manager. Passwords can be stored into user defined categories. The password file will be encrypted by using a secure RC2 mechanism. ZSafe makes a fine standalone application with features such as import and export, encrypted storage, etc. But one of the added benefits is that it is built from the same source code as the ZSafe program for the Sharp Zaurus line of PDAs. Thus, you can use the same program and work with the same files on your desktop as you can on your PDA. This program uses the same on-disk format as the Zaurus version Check zsafe man page for syntax and other details Install in Debian # apt-get install zsafe Password managers for Desktop environments KDE KDE Wallet ManagerKDE is a powerful Open Source graphical desktop environment for Unix workstations. It combines ease of use, contemporary functionality, and outstanding graphical design with the technological superiority of the Unix operating system. This program keeps various wallets for any kind of data that the user can store encrypted with passwords and can also serve as a password manager that keeps a master password to all wallets. This package is part of the official KDE utils module. Install in Debian # apt-get install kwalletmanger Gnome GNOME keyring services (daemon and tools)gnome-keyring is a daemon in the session, similar to ssh-agent, and other applications can use it to store passwords and other sensitive information. The program can manage several keyrings, each with its own master password, and there is also a session keyring which is never stored to disk, but forgotten when the session ends. Install in Debian # apt-get install gnome-keyring
|