1PWGEN(1)                    General Commands Manual                   PWGEN(1)
2
3
4

NAME

6       pwgen - generate pronounceable passwords
7

SYNOPSIS

9       pwgen [ OPTION ] [ pw_length ] [ num_pw ]
10

DESCRIPTION

12       The  pwgen  program generates passwords which are designed to be easily
13       memorized by humans, while being as secure  as  possible.   Human-memo‐
14       rable  passwords  are  never  going  to be as secure as completely com‐
15       pletely random passwords.  In particular, passwords generated by  pwgen
16       without  the  -s option should not be used in places where the password
17       could be attacked via an off-line brute-force attack.    On  the  other
18       hand,  completely  randomly  generated  passwords have a tendency to be
19       written down, and are subject to being compromised in that fashion.
20
21       The pwgen program is designed to be used  both  interactively,  and  in
22       shell  scripts.   Hence,  its  default  behavior  differs  depending on
23       whether the standard output is a tty device or a pipe to  another  pro‐
24       gram.  Used interactively, pwgen will display a screenful of passwords,
25       allowing the user to pick a single password, and then quickly erase the
26       screen.   This  prevents someone from being able to "shoulder surf" the
27       user's chosen password.
28
29       When standard output (stdout) is not a tty, pwgen  will  only  generate
30       one  password,  as  this  tends  to  be  much more convenient for shell
31       scripts, and in order to be compatible with previous versions  of  this
32       program.
33

OPTIONS

35       -0, --no-numerals
36              Don't include numbers in the generated passwords.
37
38       -1     Print the generated passwords one per line.
39
40       -A, --no-capitalize
41              Don't  bother  to  include  any capital letters in the generated
42              passwords.
43
44       -a, --alt-phonics
45              This option doesn't do anything special; it is present only  for
46              backwards compatibility.
47
48       -B, --ambiguous
49              Don't  use  characters  that  could be confused by the user when
50              printed, such as 'l' and '1', or '0' or 'O'.  This  reduces  the
51              number  of possible passwords significantly, and as such reduces
52              the quality of the passwords.  It may be useful  for  users  who
53              have bad vision, but in general use of this option is not recom‐
54              mended.
55
56       -c, --capitalize
57              Include at least one capital letter in the  password.   This  is
58              the default if the standard output is a tty device.
59
60       -C     Print  the  generated passwords in columns.  This is the default
61              if the standard output is a tty device.
62
63       -N, --num-passwords=num
64              Generate num passwords.  This defaults to a screenful  if  pass‐
65              words are printed by columns, and one password otherwise.
66
67       -n, --numerals
68              Include  at  least  one  number  in  the  password.  This is the
69              default if the standard output is a tty device.
70
71       -H, --sha1=/path/to/file[#seed]
72              Will use the sha1's hash of given file and the optional seed  to
73              create  password. It will allow you to compute the same password
74              later, if you remember the file, seed, and pwgen's options used.
75              ie:  pwgen -H ~/your_favorite.mp3#your@email.com gives a list of
76              possibles passwords for your pop3 account, and you can ask  this
77              list again and again.
78
79              WARNING:  The passwords generated using this option are not very
80              random.  If you use this option, make sure the attacker can  not
81              obtain a copy of the file.  Also, note that the name of the file
82              may be easily available from the ~/.history  or  ~/.bash_history
83              file.
84
85       -h, --help
86              Print a help message.
87
88       -r chars, --remove-chars=chars
89              Don't  use  the  specified  characters in password.  This option
90              will disable the phomeme-based generator  and  uses  the  random
91              password generator.
92
93       -s, --secure
94              Generate  completely  random, hard-to-memorize passwords.  These
95              should only be used for machine passwords, since otherwise  it's
96              almost guaranteed that users will simply write the password on a
97              piece of paper taped to the monitor...
98
99       -v, --no-vowels
100              Generate random passwords that do not contain vowels or  numbers
101              that  might  be  mistaken  for  vowels.  It provides less secure
102              passwords to allow system administrators to not  have  to  worry
103              with random passwords accidentally contain offensive substrings.
104
105       -y, --symbols
106              Include at least one special character in the password.
107

AUTHOR

109       This    version    of    pwgen    was    written   by   Theodore   Ts'o
110       <tytso@alum.mit.edu>.  It is modelled after a program originally  writ‐
111       ten  by Brandon S. Allbery, and then later extensively modified by Olaf
112       Titz,  Jim Lynch,  and  others.   It  was  rewritten  from  scratch  by
113       Theodore  Ts'o because the original program was somewhat of a hack, and
114       thus hard to maintain, and because the licensing status of the  program
115       was unclear.
116

SEE ALSO

118       passwd(1)
119
120
121
122pwgen version 2.08                August 2017                         PWGEN(1)
Impressum