Introduction
Extended Password Generator is the tool-at-hand of any systems administrator to generate pronounceable and random passwords, secured against brute-force dictionary attacks.
These passwords are got in the form of easily pronounceable English grammar, therefore they are easy to remember, store, and enter into the computer systems.
This algorithm was initially suggested by National Technical Information Service (NTIS), developed at Federal Information Processing Standard (FIPS) No181 "Automated Password Generator" and modified by me to implement exclude/include scheme.
This algorithm uses pseudo-random generator (PRG) to find characters that form syllables and then pronounceable words. PRG produces random data in accordance with the procedure, described in Appendix C of ANSI X9.17, and uses 3DES as block cipher. Values of seed and key are getting from OS CryptoAPI. That data is cryptographically random and may be used to generate random initialization vectors (IV) and salt values. So, there is no need to seed the random number generator manually.
EPG can also produce random (non-pronounceable) passwords.
Nowadays hackers are equipped with brute-force dictionaries of frequent, human-devised passwords. Running through those lists can help the attackers to find passwords and break open defence. In EPG each new password can be checked against the Bloom Filter, and if its hash is found in the Filter, EPG marks it with '!' or 'X' (depending on what exactly was found in the Filter). BFM (Bloom Filter Manager) is shipped with EPG to help you manage the Bloom Filters. This idea of Bloom Filter was taken from Adel I. Mirzazhanov's APG. Probability of 'false positive' level is selected at 1%, as wishing to maximally decrease size of the Bloom Filter (and size of the project itself) while this level stays relatively acceptable.
After all, EPG also has a nice GUI with quality meter and context sensitive help with F1. Password list can be printed, exported to HTML or text files or be copied to clipboard.
EPG uses Boost Library. To recompile EPG yourself, you need version 1.33.1 of Boost Library properly compiled and installed. Older versions should work too.
Acknowledgements
Thanks to:
- Adel I. Mirzazhanov for idea of EPG and Bloom Filter
- Andrzej Markowski for his
CCustomBitmapButton class - Boost developers
- Chris Maunder for his excellent
GridControl and CSystemTray classes and Iain Clarke for GridCellProgress control - Dr.Brian Gladman for his SHA algorithms implementation
- Eric Young for his DES ciphers implementation
- uemakeXp development team for
CDlgAnchor class - Wei Dai and his Crypto++ Library (and some ideas)
Visit EPG Project page at Sourceforge.NET
History
- 20th June, 2006: Initial post
