test, and password generator
Will Ware
wware at alum.mit.edu
Wed Aug 29 08:57:16 EDT 2001
Paul Rubin wrote:
> If you're running linux, you should get random data by reading bytes
> from /dev/urandom.
OK, this seems to work. Though apparently /usr/dict/words is no longer
available now that I've switched to Red Hat 7.1 (which regrettably is
still on Python 1.5.2).
----------------------------------------------------------
#!/usr/bin/env python
import random, math
urandom = open("/dev/urandom")
def choice(lst):
sum = 0L
for x in range(6):
sum = (sum << 8) + ord(urandom.read(1))
return lst[int(sum % len(lst))]
if 1:
# To avoid confusion, leave out 0, O, 1, l, S and %.
units = "ABCDEFGHIJKLMNPQRTUVWXYZabcdefghijkmnopqrstuvwxyz2346789"
units = units + """!@#$%^&*+=;:,.""" # Compensate with punctuation.
separator = ""
elif 0:
units = "abcdefghijkmnopqrstuvwxyz0123456789"
separator = ""
else:
units = [ ]
separator = "-"
inf = open("/usr/dict/words")
for x in inf.readlines():
units.append(x[:-1])
inf.close()
length = 10
e = length * math.log(len(units)) / math.log(2)
print "Entropy is %g bits" % e
# Assume the attacker attempts 100 logins per second, but doesn't get
# access to a hash which would allow him to test faster.
print "Cracking time is", (0.01 * 2**e) / (3600 * 24 * 365.24), "years"
pw = ""
for i in range(length):
pw = pw + choice(units) + separator
if len(separator):
pw = pw[:-len(separator)]
print "Password:", pw
urandom.close()
-------------------------------------------------------
More information about the Python-list
mailing list