jxself.org

Password Generator

Sun, 6 Oct 2013

A recent conversation on identi.ca prompted me to share this.

Instead of using a password manager to store your passwords, this eliminates the need to store passwords entirely.

Just make up a salt which you keep to yourself and use each time while combining it with some other value that's specific to the site/server/email account in question, like the domain name or email address or whatever.

In this version your salt and site-specific thing are concatenated together, hashed, and then base64-encoded. The first 32 characters are returned as the password.

Since the hashed value of your salt and that site-specific thing will always be unique you get a different password for each place. You also need never fear the loss or corruption of your password database, have to deal with backing it up, etc. since there isn't one. You can also always regenerate your passwords from anywhere using standard programs.

#!/bin/bash
echo -n "Enter your salt (won't be displayed): "
read -s SALT
echo -en "\n"
echo -n "Confirm: "
read -s SALT_CONFIRM
echo -en "\n"
if [ $SALT != $SALT_CONFIRM ]; then
        echo "Confirm did not match. Program ending."
        exit 1;
fi
echo -n "Enter your string: "
read STRING
echo -n "Confirm: "
read STRING_CONFIRM
if [ $STRING != $STRING_CONFIRM ]; then
        echo "Confirm did not match. Program ending."
        exit 1;
fi
echo -n "Your password is: "
PASSWORD=$(echo -n "$SALT$STRING" | sha512sum | base64 -w 0)
echo ${PASSWORD:0:32}
exit 0;

Public Domain

To the extent possible under law, I waive all copyright and related or neighboring rights to this script. For more information see https://creativecommons.org/publicdomain/zero/1.0/. This work is published from the United States.