You are here
Password Generation
Online security advocates state that to be stong, your passwords should follow the following guidelines
- Unique - everyone should be different to everyone else, so if a server is compromised the only password lost is the one on that server
- Random - the password should not be based on things found in the dictionary (or names)
- Characters - a scattering of uppercase, lowercase, numbers and special characters
- Memorable - you shouldn't write it down
It is very difficult to make a password that fits these specifications, with the necessity of all these websites needing authentication, you find yourself needing to remember between 4 and 7 random sequences of letters and numbers just to function in life. Needless to say, the first and second rules are most often broken in the quest to maintain rule 4. I know I do it.
The attached applications solve this issue on two levels. They take your "master" password and some site identifier and creates a SHA1 hash, the first 8 bytes of the hash are then base64 encoded to produce the final password. This password fulfills the first 3 rules to strong passwords, even if the master password does not (it no longer has to) and because you can always regenerate the password as needed, you can see that it resolves rule 4 too.
The added bonus to using these applications is that you also hide your "secret" (the master password), in that you never transmit the master password to any website, ever!
The idea for this application is not mine, it came from Nic Wolff, he can be googled or his site can be found here. Please note that his generator and mine are not compatible.
I have included below the code that is tied to the appropriate button click for your security. This application should NEVER try to access your disk, or the internet as it saves nothing, and most importantly doesn't transmit anything.
private void button1_Click(object sender, EventArgs e) { if (txtMaster.Text != "") { SHA1 sha1 = new SHA1CryptoServiceProvider(); byte[] arrSha1 = sha1.ComputeHash(Encoding.ASCII.GetBytes(txtMaster.Text + ":" + txtSite.Text)); string strPassword = System.Convert.ToBase64String(arrSha1,0,8); txtPassword.Text = strPassword; Clipboard.SetText(strPassword); clearTimer.Start(); } } private void clearTimer_Tick(object sender, EventArgs e) { clearTimer.Stop(); txtMaster.Text = ""; txtPassword.Text = ""; }
Attachment | Size |
---|---|
Passgen installer | 332.5 KB |