|I l@ve RuBoard|
7.3 Generating Random Passwords
Credit: Devin Leung
One of the chores of system administration is installing a lot of new user accounts. Assigning each new user a different, totally random password is a good idea in such cases. Save the following as makepass.py:
from random import choice import string # Python 1.5.2 style def GenPasswd(length=8, chars=string.letters+string.digits): newpasswd =  for i in range(length): newpasswd.append(choice(chars)) return string.join(newpasswd,'') # Python 2.0 and later style def GenPasswd2(length=8, chars=string.letters+string.digits): return ''.join([choice(chars) for i in range(length)])
This recipe is useful when creating new user accounts and assigning each of them a different, totally random password. The GenPasswd2 version shows how to use some features that are new in Python 2.0 (e.g., list comprehensions and string methods).
Here's how to print out 6 passwords (letters only, of length 12):
>>> import makepass, string >>> for i in range(6): ... print makepass.GenPasswd2(12, string.letters) ... uiZWGSJLWjOI FVrychdGsAaT CGCXZAFGjsYI TPpQwpWjQEIi HMBwIvRMoIvh otBPtnIYWXGq
Of course, such totally random passwords, while providing an excellent theoretical basis for security, are impossibly hard to remember for most users. If you require users to stick with them, many users will probably write down their passwords somewhere. The best you can hope for is that new users will set their own passwords at their first login, assuming, of course, that the system you're administering lets each user change their own password (most operating systems do, but you might be assigning passwords for other kinds of services without such facilities).
A password that is written down anywhere is a serious security risk, since pieces of paper get lost, misplaced, and peeked at. Therefore, from a pragmatic point of view, you might be better off assigning passwords that are not totally random; the users are more likely to remember these and less likely to write them down (see Recipe 7.4). This may violate the theory of password security, but, as all practicing system administrators know, pragmatism trumps theory.
7.3.4 See Also
Recipe 7.4; documentation of the standard library module random in the Library Reference.
|I l@ve RuBoard|