Pwgen comes to the Mac

The Unix project pwgen came to the Mac last week with a graphical interface rather than the original command-line interface popular with the coder crowd. And as usual with these programs, an update was released days later. On Monday, author Wietse Venema announced Version 0.3, which will check for updates and fixes some bugs. It is available for download now at some sites.

[Pwgen] generates passwords which are designed to be easily memorized by humans, while being as secure as possible. The GUI is clean and simple. If you modify one of the controls, a new password will be generated. The textfield containing the password will be automatically selected each time you generate a new password. This allows for quick tweaking and copy/paste of your random password.

It's a minimal app but it works fine. I found that I can toggle the potential password by clicking on the blue password length marker. Of course there are other Mac password generators. Here are a few from a brief search:

Password Generator by Agile Web Solutions, the maker of the popular 1Password password manager. It hasn't been updated since Mac OS X Tiger days.

Password Generator can generate fixed length passwords using custom character set, readable passwords using dictionaries. It can also generate universally unique identifiers (UUIDs).

Password Generator Dashboard widget by Glenn Scott, which uses the true random number service at random.org to generate random, letter-based passwords, according to the author. Here' my strategy for passwords: I create several base passwords formed from multilingual phrases that I can easily remember. These bases are combinations of shorter words from different languages, some of which do not use a Western script. This helps foil dictionary password breakers. Then I put some of the letters in caps and numbers (no, not the usual lower-case letter L for the number 1, etc.). For websites, I use these base passwords and combine them with part of the site's name. It isn't just the name, it's a scramble done in a way that I can remember. This lets each site have a unique password and usually a very long password, which also helps with security. Of course, I don't remember the passwords for most places I visit. When I log in, I try combinations of the base passwords and capitalizations with the site-specific letter until I hit on the correct set. This usually takes a few tries. The only downside is when I'm trying to enter these long strings of upper and lower case letters and numbers on my iPhone. It's tedious and easy to get lost, especially when hitting the shift key.