On 2017-08-13 00:29, David C. Rankin wrote:
On 08/12/2017 11:24 AM, Carmen Bianca Bakker wrote:
On 12/08/17 17:58, Linux Kamarada wrote:
I've never used a GUI/CLI password generator, always when I need, I use online ones. I heavily recommend against this. You cannot really trust that the password you are given on that web page is not also stored by the provider of that web page. You could be semi-sure by turning off internet access during password generation (and thus relying solely on local JavaScript), but it's honestly a needless risk to take.
pwgen is a perfectly good tool for this purpose.
Amen!
In the days of (it's all cracked or hacked), why on earth would you ever use an online password generator that may just be a front-end to cracklib, hashcat, John the ripper, etc...
I can't think of a more troubling thing to do from a security standpoint than tell the internet-world "Hey, look here! I genning a new password!"
pwgen might send the password to somewhere, too ;-P A GUI is nicer, easier to chose the options without reading the manual. -- Cheers / Saludos, Carlos E. R. (from 42.2 x86_64 "Malachite" at Telcontar)