Creating strong random passwords

Throughout our Free and Open Source Software tutorials, we need to specify passwords for things. Creating random passwords is surprisingly hard, but we've found a method that's very serviceable and makes it easy to do as we all should: ensure every separate identity or service has a strong password that is unique to that identity and application (i.e. never use the same password in more than one place). We also strongly encourage you all to track your passwords using a password manager!

To generate decent random passwords, we use pwgen. You can easily install it on your server: log in (via SSH or using your hosting provider's console) as root or, even better, as a non-root user with sudo privileges, and type at the terminal command prompt:

sudo apt-get install pwgen

I don't tend to use special characters in passwords stored in configuration files because they can lead to syntax parsing issues. Instead, I just make them fairly long. To create a random password, I use this:

pwgen -s 19 1

which returns a single 19-character password with a mixture of letters (lowercase and uppercase) and digits. A few examples: HxF0GAyS1jw63Dy3T5K avZ5qj4xt0tTS0ONyLo 43IJZbZxLrKJSegZhyR.

Note: your passwords are likely to appear, in clear text, in your terminal window after you've created them, which is a temporary security threat. Once you've got them entered where they need to be, I recommend pressing CTRL-L in your terminal window, which will clear the visible text from past commands and give you a default command prompt (your terminal session will still remember past commands if you press the up arrow).

You can create all the passwords you need to follow one of our tutorials up front and then copy and paste them somewhere useful, like into a text editor on your desktop, from which you can easily copy and paste them and track where they belong. The ones you use to log into remote services yourself should be stored in a password manager (as recommended above!).
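The shell functions below are an added example, not part of the original tutorial: they generate one password per named service in the same letters-and-digits style as pwgen -s 19 1, check each one, and write them to a file only you can read rather than to the terminal. The service names, the output path and the /dev/urandom fallback are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original tutorial). Service names are hypothetical.
PW_LEN=19   # same length as "pwgen -s 19 1"

# Print one random password made only of letters and digits.
gen_password() {
    if command -v pwgen >/dev/null 2>&1; then
        pwgen -s "$PW_LEN" 1
    else
        # Assumed fallback when pwgen is missing: filter kernel randomness
        # down to A-Za-z0-9. 512 bytes leave ~124 usable characters on average.
        head -c 512 /dev/urandom | LC_ALL=C tr -dc 'A-Za-z0-9' |
            LC_ALL=C cut -c "1-$PW_LEN"
    fi
}

# Succeed only if $1 is exactly PW_LEN characters, all letters or digits,
# i.e. nothing a configuration-file parser could misread.
is_config_safe() {
    [ "${#1}" -eq "$PW_LEN" ] || return 1
    case "$1" in
        *[!A-Za-z0-9]*) return 1 ;;
    esac
    return 0
}

# write_passwords FILE NAME...
# Writes one "NAME PASSWORD" line per NAME into FILE, readable only by the
# current user, so the passwords never scroll past in the terminal.
write_passwords() {
    out=$1
    shift
    (
        umask 077
        : > "$out" && chmod 600 "$out" || exit 1
        for name in "$@"; do
            pw=$(gen_password)
            is_config_safe "$pw" || exit 1
            printf '%s %s\n' "$name" "$pw" >> "$out"
        done
    )
}

# Usage: write_passwords ./tutorial-passwords.txt db_admin smtp_relay
```

Once every password has been copied to where it belongs, delete the file.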
