A Customisable Command-Line Password Generator
One of my earliest Python exercises was creating a command-line password generator. Over time I’ve been tweaking and improving it, and I feel that now it’s ready to share with the greater world.
The program allows you to create random passwords of a specified length. The randomizing algorithm goes beyond a simple random.choice() call, due to the inherent limitations of Python’s random number generator. Here’s the algorithm I worked out:
The result of the current Unix time and the argument is divided by a random number determined by random.random(). This is then Base64-encoded, and the chosen punctuation marks are appended, if applicable. Finally, the required number of characters are chosen via random.choice().
I realize I only really escape the random module the one time, by seeding with the current Unix time. However, I hope the various convolutions make up for that.
By default no punctuation marks are included, but there are options to either include all punctuation marks, all the punctuation marks minus the user’s choice, a reduced set of punctuation marks (no quotes or brackets/braces/parentheses), or a user-defined custom set. I’m debating whether to make the reduced set included by default with an option to have no punctuation, rather than having punctuation by default turned off.
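An added example, not the program described in this post: the punctuation options above, with the character draw made by Python's secrets module (the operating system's CSPRNG) swapped in for the time-seeded random algorithm. The function names, the mode strings and the exact contents of the reduced set are assumptions.

```python
import secrets
import string

# Assumed reduced set: all ASCII punctuation minus quotes (including the
# backtick) and brackets/braces/parentheses (including angle brackets).
REDUCED = "".join(c for c in string.punctuation if c not in "'\"`()[]{}<>")


def punctuation_set(mode="none", exclude="", custom=""):
    """Resolve one of the punctuation options to a string of symbols."""
    if mode == "none":
        return ""
    if mode == "all":
        return string.punctuation
    if mode == "minus":
        # All punctuation marks minus the user's choice.
        return "".join(c for c in string.punctuation if c not in exclude)
    if mode == "reduced":
        return REDUCED
    if mode == "custom":
        # De-duplicate (order preserved) so a repeated symbol is not
        # drawn more often than the others.
        return "".join(dict.fromkeys(custom))
    raise ValueError(f"unknown punctuation mode: {mode!r}")


def generate(length, mode="none", exclude="", custom=""):
    """Return a password of `length` characters drawn with secrets.choice()."""
    if length < 1:
        raise ValueError("length must be at least 1")
    punct = punctuation_set(mode, exclude, custom)
    alphabet = string.ascii_letters + string.digits + punct
    while True:
        password = "".join(secrets.choice(alphabet) for _ in range(length))
        # If punctuation was requested, redraw until at least one symbol
        # appears, so sites that require one do not reject the password.
        if not punct or any(c in punct for c in password):
            return password


if __name__ == "__main__":
    for mode in ("none", "all", "reduced"):
        print(mode, generate(16, mode))
    print("minus", generate(16, "minus", exclude="\\|/"))
    print("custom", generate(16, "custom", custom="#$%"))
```

Because secrets reads from the operating system's random source, no seed (Unix time or otherwise) is involved in the draw.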
There is also an option to create a leet (a.k.a. 1337 or l33t) password. This is sometimes a good way to create an easy-to-remember password, but it is actually considered to be somewhat insecure, for the same reason that using a dictionary word as a password is insecure. Password-cracking programs have grown in sophistication so as to now be able to handle common character substitutions. However, you can include some special characters if you choose, though they must be hard-entered (i.e. you must pass any special characters in your submitted string, and they will not be randomized).
The next improvement I have planned is adding a key-press timer for another random seed: either the user holds a key down for a random time, or waits a random time and hits a key to stop it. This will either be default or invokable by command line flag.
Anyways, let me know what you think, and let me know about any bugs or ways I can improve the code!
EDIT: I’ve decided that I’m going to try to implement this program in C++ . . . one day. Not only will it be a lot faster (not a big concern), but it will also be much more cross-platform. I will also try to implement a simple GUI . . . again, one day. Any other suggestions?