1PWGEN(1)                    General Commands Manual                   PWGEN(1)
2
3
4

NAME

6       pwgen - generate pronounceable passwords
7

SYNOPSIS

9       pwgen [ OPTION ] [ pw_length ] [ num_pw ]
10

DESCRIPTION

12       The  pwgen  program generates passwords which are designed to be easily
13       memorized by humans, while being as secure  as  possible.   Human-memo‐
14       rable  passwords  are  never  going  to be as secure as completely com‐
15       pletely random passwords.  In particular, passwords generated by  pwgen
16       without  the  -s option should not be used in places where the password
17       could be attacked via an off-line brute-force attack.    On  the  other
18       hand,  completely  randomly  generated  passwords have a tendency to be
19       written down, and are subject to being compromised in that fashion.
20
21       The pwgen program is designed to be used  both  interactively,  and  in
22       shell  scripts.   Hence,  its  default behavior is differs depending on
23       whether the standard output is a tty device or a pipe to  another  pro‐
24       gram.  Used interactively, pwgen will display a screenful of passwords,
25       allowing the user to pick a single password, and then quickly erase the
26       screen.   This  prevents someone from being able to "shoulder-surf" the
27       user's chosen password.
28
29       When standard output is not a tty, pwgen will only generate  one  pass‐
30       word,  as  this tends to be much more convenient for shell scripts, and
31       in order to be compatible with previous versions of this  program.   In
32       addition, for backwards compatibility reasons, pwgen will not use upper
33       case letters or numbers by default in this mode, although this  can  be
34       overridden using the -n and -c options.
35

OPTIONS

37       -0, --no-numerals
38              Don't include numbers in the generated passwords.
39
40       -1     Print the generated passwords one per line.
41
42       -A, --no-capitalize
43              Don't  bother  to  include  any capital letters in the generated
44              passwords.
45
46       -a, --alt-phonics
47              This option doesn't do anything special; it is present only  for
48              backwards compatibility.
49
50       -B, --ambiguous
51              Don't  use  characters  that  could be confused by the user when
52              printed, such as 'l' and '1', or '0' or 'O'.  This  reduces  the
53              number  of possible passwords significantly, and as such reduces
54              the quality of the passwords.  It may be useful  for  users  who
55              have bad vision, but in general use of this option is not recom‐
56              mended.
57
58       -c, --capitalize
59              Include at least one capital letter in the  password.   This  is
60              the default if the standard output is a tty device.
61
62       -C     Print  the  generated passwords in columns.  This is the default
63              if the standard output is a tty device.
64
65       -N, --num-passwords=num
66              Generate num passwords.  This defaults to a screenful  if  pass‐
67              words are printed by columns, and one password.
68
69       -n, --numerals
70              Include  at  least  one  number  in  the  password.  This is the
71              default if the standard output is a tty device.
72
73       -H, --sha1=/path/to/file[#seed]
74              Will use the sha1's hash of given file and the optional seed  to
75              create  password. It will allow you to compute the same password
76              later, if you remember the file, seed, and pwgen's options used.
77              ie:  pwgen -H ~/your_favorite.mp3#your@email.com gives a list of
78              possibles passwords for your pop3 account, and you can ask  this
79              list again and again.
80
81              WARNING:  The passwords generated using this option are not very
82              random.  If you use this option, make sure the attacker can  not
83              obtain a copy of the file.  Also, note that the name of the file
84              may be easily available from the ~/.history  or  ~/.bash_history
85              file.
86
87       -h, --help
88              Print a help message.
89
90       -s, --secure
91              Generate  completely  random, hard-to-memorize passwords.  These
92              should only be used for machine passwords, since otherwise  it's
93              almost guaranteed that users will simply write the password on a
94              piece of paper taped to the monitor...
95
96       -y, --symbols
97              Include at least one special character in the password.
98

AUTHOR

100       This   version   of   pwgen    was    written    by    Theodore    Ts'o
101       <tytso@alum.mit.edu>.   It is modelled after a program originally writ‐
102       ten by Brandon S. Allbery, and then later extensively modified by  Olaf
103       Titz,   Jim  Lynch,  and  others.   It  was  rewritten  from scratch by
104       Theodore Ts'o because the original program was somewhat of a hack,  and
105       thus  hard to maintain, and because the licensing status of the program
106       was unclear.
107

SEE ALSO

109       passwd(1)
110
111
112
113pwgen version 2.05               January 2006                         PWGEN(1)
Impressum