Reputation: 49339
On Linux I am used to using mkpasswd to generate random passwords to use; on OS X, however, I don't have this command. Instead of sshing in to my VPS every time, I wanted to reimplement it using Java. What I have done is pick at random 4 lower case letters, 2 upper case letters, 2 symbols (/ . , etc) and 2 numbers. Then I create a vector and shuffle that too.
Do you think this is good enough randomization?
Upvotes: 4
Views: 1537
Reputation: 3458
If you use java.security.SecureRandom instead of java.util.Random then it's probably secure. SecureRandom provides a "cryptographically strong pseudo-random number generator (PRNG)". I.e. it ensures that the seed cannot easily be guessed and that the numbers generated have high entropy.
Upvotes: 3
Reputation: 41433
There is a similar pwgen command available in MacPorts.
Upvotes: 1
Reputation: 116382
Yes, it is. If you are using java.util.Random:
An instance of this class is used to generate a stream of pseudorandom numbers. The class uses a 48-bit seed, which is modified using a linear congruential formula. (See Donald Knuth, The Art of Computer Programming, Volume 2, Section 3.2.1.)
The algorithms implemented by class Random use a protected utility method that on each invocation can supply up to 32 pseudorandomly generated bits.
EDIT in response to a comment:

    /**
     * Creates a new random number generator. This constructor sets
     * the seed of the random number generator to a value very likely
     * to be distinct from any other invocation of this constructor.
     */
    public Random() {
        this(++seedUniquifier + System.nanoTime());
    }
    private static volatile long seedUniquifier = 8682522807148012L;
Upvotes: 1
Reputation: 75406
Why not just compile mkpasswd on your OS X host?
Upvotes: 0
Reputation: 24507
It might be OK, but you should allow some randomization in password lengths perhaps.
If your program became popular it would become a weakness that the password length was public knowledge. Also randomize the exact ratio of lowercase:uppercase:symbols:numbers a little.
Upvotes: 0
Reputation: 4814
Depends on where your entropy comes from. Using rand() or similar functions that your particular language comes with may not be secure.
On OSX you can use /dev/random I think.
Upvotes: 0