Password Generator - Generate strong passwords
Password Generator is a Windows program that generates cryptographically strong passwords in a variety of formats (Letters+Digits, Base64, S/Key, Hexadecimal, and Custom). You can also use these passwords as encryption keys for symmetric encryption algorithms, or even as PIN codes.
License: This program is copyright © 1990-2010 Tarma Software Research Ltd. The use of Password Generator is subject to Tarma's End User License Agreement.
- Download Password Generator (version 19.0.3822, 18 June 2010)
System requirements: Runs on Windows NT4, 2000, XP, Vista, 7, 8, their Server editions, and later, both 32-bit and 64-bit versions. Also runs under Windows emulators such as Wine and its derivatives on GNU/Linux, *BSD, and Apple Mac OS X systems.
Start PWGen.exe, then click Generate to generate a new password. You can copy the password in one of its formats to the Windows clipboard by clicking the >> button that corresponds to the desired password format.
Note that the different formats all represent the same password; do not use different formats as different passwords, because they are interrelated. If you need a different password, just click Generate again.
The Password Generator screen is shown below.
The Password Generator window contains the following controls and options.
|Password strength||Slider to choose the password strength, expressed in bits. 40 bits (the minimum) is considered weak; 256 bits (the maximum) is considered strong for purposes such as symmetric encryption (and is probably much stronger than any password you are likely to use in most applications) .|
|Generate||Click this button to generate a new password of the currently selected strength.|
|Generate on startup||Check this box to let Password Generator automatically generate a new password each time the program starts.|
|Base64||Displays the password in Base64 encoding, using a character set consisting of uppercase letters A-Z, lowercase letters a-z, digits 0-9, and the $ and _ characters.|
|Uppercase + Digits||
Displays the password in Base32 encoding, using a character set consisting of uppercase letters A-Z (except I and O) and digits 2-9.
If you check the box Format in groups of and enter a positive number, then the Uppercase + Digits field is subdivided into smaller groups separated by hyphens. This is intended to make scanning and typing the password easier. The hyphens are not part of the password proper, but can be retained if the application in which you use the password allows them.
Displays the password using a character set that you can choose from the following options:
This format allows you to choose the composition of your password, for example to comply with local guidelines about passwords. Duplicate characters are ignored. The resulting character set must contain at least two characters; if fewer characters are present, no custom password is generated.
Displays the password in hexadecimal format as bytes with optional prefix and suffix. You can use the prefix and suffix strings to format the bytes in a format suitable for programming languages, for example:
|S/Key words||Displays the password using the 2048-word dictionary used for the S/Key one-time password scheme.|
Password Generator generates passwords based on a given strength expressed in bits. The actual password length in characters depends on the chosen formatting.
The following table gives the password length in characters for 40-bits, 128-bits, and 256-bits passwords when rendered in the various formats. This excludes any additional formatting such as hyphens or prefix/suffix strings.
|Password length in characters for:|
|Format||Character set size||Bits/character||40-bits||128-bits||256-bits|
|Uppercase + Digits||32||5||8||26||52|
|Custom format||variable||log2(|char set|)||variable||variable||variable|
|S/Key words||2048*||11**||4 words||12 words||24 words|
*For S/Key this is the size of the dictionary (i.e., the number of different words), not the character set size.
**For S/Key this is the number of bits encoded per word, not per character.
The following implementation details are provided to allow you to assess the security of Password Generator and its interoperability with other applications.
Random number generator
The random bytes that form the basis of each password are generated by the CryptGenRandom() function that is part of Microsoft's Crypto API. This function implements a cryptographically secure pseudo-random number generator. The subsequent formatting of the password simply renders the generated bytes in alternative formats and (with care) neither adds nor subtracts from the initial cryptographic strength.
The following articles provide additional implementation information about CryptGenRandom():
Note for Wine users: The CryptGenRandom() implementation in the current version of the Wine Windows emulator (1.1.x) uses the /dev/urandom special file to obtain its pseudo-random byte stream. The quality of this stream therefore depends on the underlying /dev/urandom implementation. For implementation details about this special file, see:
The Base64 encoding used by Password Generator uses the following character set (from 0 to 63):
This is yet another variant on Base64 encoding. It differs from other Base64 encoding schemes in the following respects:
- The final two characters in the character set are $_ instead of +/ or several others. We chose $_ as being more acceptable in password applications than the usual Base64 final characters such as +/-:!
- There is no '=' padding at the end of the password if the password strength is not a multiple of 6.
Because the main purpose of Password Generator is passwords, conformance to one of the Base64 standards was considered less important than character set compatibility across a wide range of password-consuming applications.
For more details about Base64 encodings, see:
- RFC 4648, proposed standard for Base16, Base32, and Base64 encodings
- Wikipedia article about Base64 encoding
Tip: If your application requires strict adherence to one of the existing Base64 schemes, then use the Custom format option with only the following categories checked: Uppercase, Lowercase, Digits, Other. In the Other text field, enter the desired final two characters, for example +/. If you leave all other categories unchecked, then the formatting will comply with your chosen Base64 scheme (except for the lack of '=' padding that some Base64 schemes require).
Uppercase + Digits encoding
The Uppercase + Digits encoding used by Password Generator is effectively a Base32 encoding that uses the following character set (from 0 to 31):
This character set contains digits 2-9 and uppercase letters A-Z, except I and O. This way we prevent any possible confusion between 0 (zero) and O (uppercase oh), and between 1 (one) and I (uppercase i), because none of these four characters is ever present.
For other Base32 encodings (that do include different subsets of 0, O, 1, I and therefore do potentially cause confusion), see:
- RFC 4648, proposed standard for Base16, Base32, and Base64 encodings
- Wikipedia article about Base32 encoding
Custom format encoding
The custom format encoding uses a variable alphabet that is constructed from the following character categories, if selected:
- Uppercase letters A-Z (26 characters)
- Lowercase letters a-z (26 characters)
- Digits 0-9 (10 characters)
- Graphics @$&%#*~_+=!? (12 characters)
- Other characters as specified by the user (variable number of characters)
To format the password, a consolidated character set is created that consists of the concatenation of the selected categories in the order given above. Duplicate* characters are then removed from the set. The resulting character set must contain at least two characters; if fewer characters are present, then no custom password is generated.
(*The predefined categories 1-4 do not overlap, but if the user specifies other characters (category 5) that also appear in the fixed categories, or if she specifies duplicates within the Other category, then duplicates are possible. These duplicates would skew the probability distribution of the character set and thereby reduce the overall strength of the password.)
The consolidated character set is used to encode the n-bit random password that was generated. This encoding is in effect a radix conversion and is accomplished by repeatedly performing a (multiple precision) division of the password bytes by the size of the consolidated character set.
Note that there is no guarantee that each selected category is represented in every password; doing so would reduce the randomness of the password and hence reduce its strength. However, for longer passwords it is likely that most, if not all, selected character categories will be represented.
Tip 1: Because of the order in which categories are added to the custom alphabet, you can use the custom format to create alternative Base64 encodings: select Uppercase, Lowercase, Digits and Other, then enter the desired two final Base64 characters in the Other text field.
Tip 2: You can also use the custom format to generate PIN codes by selecting only the Digits category. However, even the weakest password strength of 40 bits will result in a PIN code of 13 digits (with the last digit heavily biased toward 0), which is much longer than most PIN applications allow. To reduce this to an allowable number of digits without introducing non-random bias, use as many digits starting from the left as the PIN application allows.
The hexadecimal encoding is a simple one-on-one representation of the generated random bytes, with optional per-byte prefix and suffix strings for convenient transfer to a variety of target applications such as programming language source code (not that we recommend embedding passwords in source code!).
S/Key words encoding
The S/Key words encoding uses the 2048-word dictionary that was developed for the S/Key one-time password system. This dictionary consists of short English words of one to four characters in length that are presumably easier to memorize than random byte streams.
The 2048-word dictionary represents an 11 bits per word encoding and the generated password bytes are encoded using this dictionary as defined by RFC 1751, with the exceptions that Password Generator does not add parity information and applies this scheme to any password length from 40 to 256 bits, not just to 128-bits passwords.
For the full list of dictionary words and other details, see: