There are a lot of places with obnoxious limitations on the characters you can put in a password, or even worse, on its length.
If you take nothing else away from this post, at least take this: password fields should allow any character and be long enough that your users never notice the length constraint.
There are people using password generators and pasting 250-character-long strings. Make their lives easy, because they are doing their part.
But, alas, if you don't use a password manager but still want secure passwords that are easy to remember but hard to guess, then the best tip on the internet is this:
And if you know me, I usually face problems by throwing ruby at them, so, here we go:
Assumptions:
- you are on GNU/Linux or you can provide a text file with a list of words for your target language
- you have ruby installed
Code:
```ruby
#!/usr/bin/env ruby
# https://www.xkcd.com/936/
require 'securerandom'

module PasswordGenerator
  extend self

  # replace this with your language:
  WORDS = '/usr/share/dict/spanish'

  def run
    # draw each word with the OS CSPRNG instead of the default Mersenne Twister PRNG
    puts((1..4).map { safe_words.sample(random: SecureRandom) }.join(" "))
  end

  private

  SAFE_SET = /\A[A-Za-z]+\Z/.freeze

  # avoid non-ascii to save trouble
  def safe_words
    @safe ||= words.select{ |w| SAFE_SET.match(w) }
  end

  def words
    @words ||= File.read(WORDS).split("\n")
  end
end

# this executes the run method if the file is run as a command
PasswordGenerator.run if __FILE__ == $PROGRAM_NAME
```
The intended use is to run it a couple of times until some combination of words hits you with an image or story you feel able to retain.
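How strong the result is depends on how many words survive the filter and on how many runs you pick from; the following added example (not part of the original post) does that accounting, using the fact that choosing a favourite out of k runs costs at most log2(k) bits. The module and method names are hypothetical, the word list is constructed, and the 44-bit target is the figure from the xkcd comic linked in the script.

```ruby
require 'securerandom'

# Added example: entropy accounting for a word-based passphrase.
module PassphraseEntropy
  extend self

  SAFE_SET = /\A[a-z]+\z/.freeze

  # Normalise a raw word list: lowercase, ASCII letters only, no duplicates.
  # Duplicates matter: they inflate the apparent list size and skew sampling.
  def usable_words(raw, min_len: 3, max_len: 9)
    raw.map { |w| w.strip.downcase }
       .select { |w| SAFE_SET.match?(w) && w.length.between?(min_len, max_len) }
       .uniq
  end

  # Bits of entropy when each word is drawn uniformly and independently.
  def bits(list_size, word_count)
    word_count * Math.log2(list_size)
  end

  # Smallest word count reaching target_bits, after budgeting for the at most
  # log2(rerolls) bits lost when the user picks a favourite out of `rerolls` runs.
  def words_needed(list_size, target_bits, rerolls: 1)
    raise ArgumentError, 'need at least 2 words in the list' if list_size < 2
    ((target_bits + Math.log2(rerolls)) / Math.log2(list_size)).ceil
  end

  # Draw words with the OS CSPRNG.
  def generate(words, word_count)
    Array.new(word_count) { words.sample(random: SecureRandom) }.join(' ')
  end
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample input; a real dictionary file has far more lines.
  raw = %w[casa Casa perro árbol gato's luna sol a mesa libro ventana]
  words = PassphraseEntropy.usable_words(raw)
  n = PassphraseEntropy.words_needed(words.size, 44, rerolls: 8)
  puts "#{words.size} usable words, #{n} words needed for 44 bits"
  puts PassphraseEntropy.generate(words, n)
end
```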
Top comments (1)
Fun fact: The XKCD site was hacked, and the second most common password used was "correct horse battery staple"
You can also use `grep` for `===` responding objects like `Regexp`: `grep_v` will do the inverse (because `grep -v` in Unix). As of Ruby 2.5 (iirc) the predicate methods (`any?`, `all?`, `none?`, `one?`) also take `===` responding objects directly.