Good Passwords with GnuPG

I found out from this site that GPG can be used to generate random text for passwords. Here’s the command:

 gpg --gen-random 1 20 | gpg --enarmor | sed -n 5p

Very simple. I may have to use this in the future.


This limits you to the Base64 character set, greatly limiting the search space for password cracking.  One should really use something other than enarmor to spit out a random printable ASCII string…


OK, I did it.  It took some time, but it works nicely now, and generates MUCH better passwords:

hank@tardis:/nexus/tardis/hank$ for i in 1 2 3 4; \
  do gpg --gen-random 1 20 | \
  perl -ne's/[\x00-\x20]/chr(ord($^N)+50)/ge;s/([\x7E-\xDB])/chr(ord($^N)-93)/ge;s/([\xDC-\xFF])/chr(ord($^N)-129)/ge;print $_, "\n"';

I know that probably looks like gobbledy-gook, but the main part of it is this:

gpg --gen-random 1 20 | perl -ne'print "Your password: ";s/[\x00-\x20]/chr(ord($^N)+50)/ge;s/([\x7E-\xDB])/chr(ord($^N)-93)/ge;s/([\xDC-\xFF])/chr(ord($^N)-129)/ge;print $_, "\n"'

Run that in a terminal, and profit.

One thought on “Good Passwords with GnuPG

  1. Pingback: The Government’s Certificate Authority: Why you shouldn’t worry | Schadenfreude

Comments are closed.