Teach you how to generate complex passwords and check password strength in Linux

In this tutorial, we will explore how to generate complex passwords and check password strength.

Generate complex password

Strong passwords should be a mix of letters, numbers, and symbols. Another requirement is not to use known words, birthdays, or names, as these are vulnerable to dictionary attacks.

So how many characters should the password contain? There isn't really a definite answer, but more than 16 characters is a good choice. Therefore, if your system has OpenSSL or GPG installed, you can use these tools to generate passwords. For example, below we use GPG to generate a password:

[root@localhost ~]# gpg --gen-random --armor 2 12
zXVKRoB0/V4BN9QG

If you don’t want special characters, you can use the sed command to filter them out:

[root@localhost ~]# gpg --gen-random --armor 2 12|sed 's/[^a-zA-Z0-9]//g'
n4ciIlRLkLTkzwg

The above uses the --gen-random option to randomly generate characters. Use the --armor option to generate ASCII characters. The following option 2 can use three options [0][1][2], which indicates the quality level. The last number represents the character length.

Same, we can use OpenSSL to generate passwords:

[root@localhost ~]# openssl rand -base64 12
QIrH/PLXqzmLuI/a

Similarly, you can also use the sed command to filter out special characters:

[root@localhost ~]# openssl rand -base64 12| sed 's/[^a-zA-Z0-9]//g'
lXIg4cKLCLVvsi

Check password strength

Now that we have our password, it's time to see if it passes the test: Is your password strong enough? To determine if the password is strong enough, we will use the cracklib tool installed in Centos8.

[root@localhost ~]# yum -y install cracklib

Let’s test a simple password first:

[root@localhost ~]# echo "a1b2c5" | cracklib-check 
a1b2c5: it is based on a dictionary word

What if we use ordinary words?

[root@localhost ~]# echo "Administrator"|cracklib-check 
Administrator: it is based on a dictionary word

The output of the above two passwords also prompts that they can be found in the dictionary.

Let’s test a generated password to see how strong it is:

[root@localhost ~]# openssl rand -base64 12 | cracklib-check 
VdBlmvIgGY4ehWly: OK

You can see that the password is OK.

The above is the detailed content of Teach you how to generate complex passwords and check password strength in Linux. For more information, please follow other related articles on the PHP Chinese website!