I believe most of you know what a password generator is.
For those who don't: it's a program that can generate a random-looking password, with the exact length that you want, and using only characters that you permit.
There's a problem with this scheme: you need to save the resulting password.
So I was thinking, what about a password
regenerator?
A simple design would be to base it on a hashing algorithm. The user gives the "real" password and the length.
The program would hash the real password, and generate the password.
For example (output made up):
$ echo "MyPassword" | passregen 12
K93hIaVjj0mF
|
The point is: for the same input combination
passregen would regenerate the same password, so the user would never have to save the password.
Even better, this design opens the door for abuse:
$ echo "MyPassword" | passregen 12 | passregen 100 | passregen 13
kJd09jHHa12q6
|
I need someone to tell me if they see any flaws in the idea (well except from having to clear the shell history every time).
Then I need help with choosing a suitable hash algorithm.
I'm also thinking of a "binary" mode, whereby
passregen outputs non-text keys. This too puts strain on the choice of hash algorithm.
Finally I'd like a guesstimate of effectiveness.
My intuition tells me that cracking the input combination should be quite difficult (especially when piped) but I am ignorant of the math, so I can't be sure.
Thanks for reading.