Password Generator Copyright (C) Moose O'Malley, ------------------- August 2013. +===========================================================+ | T A B L E O F C O N T E N T S | +===========================================================+ | * Introduction | | * Why is this useful ? / Why do this ? | | * Password Advice - Dos and Don'ts | * Using this Program | | * The Future | | * Special Greetings / Thanks to | | * Program License / Limitations / Restrictions | | * Warranty | * Amendment History | | * Contacting the Program's Author | +===========================================================+ Introduction : -------------- Password Generator for Windows 95 / 98 / ME / NT / 2000, Vista, 7, 8, 32 or 64 bit, etc. Password Generator enables you to quickly and easily generate a random password according to the password rules you specify, such as whether the following types of characters are allowed: * numerical digits (0-9), * lowercase English letters (a-z), * uppercase English letters (A-Z), * special characters. e.g. !@#$, etc, and the minimum and maximum length of passwords. For example, if you specify 10 as the minimum and 20 as the maximum length of a password, then Password Generator will generate a password containing a random selection of the characters and digits you specified, and between 10 and 20 characters long. In today's world, it makes good sense to have the strongest possible passwords, and Password Generator will help you achieve this. Password Generator also estimates the strength of each generated password. By default, the length of a reasonably secure password is 20 characters, however, the user can change this to whatever they like, as long as it is 10 or more characters long. Passwords less than 10 characters are trivially easy to crack and should not be used. Why have I made the "reasonably secure password length" user definable ? Because technology is advancing all of the time. A 20 character long password is reasonably secure today, but in 5 or 10 or more years time, as computing speed increases and hacker tools become more sophisticated, 20 characters may not be enough, and 30 or 40 characters might become the length of reasonably secure passwords. By making the "reasonably secure password length" user definable, I have made Password Generator future proof - because the user can increase the value of this setting according to what they deem is reasonable in the future. You can use the Save and Load buttons to save and load password criteria / settings, so you can store the password rules for Facebook, LinkedIn, your Bank, etc separately and then re-load these whenever you need to generate a new password for each account. Also see my "Password Advice - Dos and Don'ts" below. Developed using 32-bit Delphi. Why is this useful ? / Why do this ? -------------------------------------- This program is very useful in our modern world. As hackers have access to ever more powerful computers and ever more sophisticated password cracking techniques, using strong passwords for all of your on-line accounts and activities is becoming increasingly important to protect your privacy, your identity, your reputation, your friends and family, and your hard-earned money. Password Advice - Dos and Don'ts -------------------------------- Here's my advice on passwords: * Don't make it easy for hackers, parasites, and thieves - use the strongest possible passwords for all of your accounts. e.g. If a web site has a rule that says passwords must be at least 6 characters long, then don't be lazy and use 6 character passwords - use passwords which are equal to or close to the maximum allowed length. e.g. 20+ characters. Also, if passwords up to 20 characters are allowed, then don't just use 20 character passwords all the time, because, if a hacker knows this, their job of guessing your password just because a lot easier. They just need to try all combinations of 20 characters. Still a massive job, but a lot easier than trying all combinations of 10 characters, and then all combinations of 11 characters, and so on. If the maximum is 20 characters, then use passwords between, for example, 15 and 20 characters to make it as hard as possible for hackers to guess. * Don't just use words or names - these are too easy for hackers to guess. And, don't just add numbers or dates onto words and names, because these are also way too easy for hackers to guess. * Don't use passwords that are easy to guess. * Never re-use passwords or usernames. * Don't re-use the same password or username for different accounts. e.g. don't use the same password for Facebook and LinkedIn - you are begging for trouble if you do ! If one of your accounts is hacked, the hacker will have access to your other accounts - not good news for you at all ! * Change your password regularly. e.g. weekly for really sensitive or important places, such as your on-line bank accounts, or monthly for less important places. * Stay the hell away from public wireless networks or any network with no encryption or weak encryption. e.g. If you don't need to enter a password to access a network - it might be Free WiFi at a coffee shop or whatever - then assume that all of your usernames, passwords, and activities are being watched and recorded by others, because the chances are that someone will be. * If you must use any network with lousy security, change your passwords as soon as you get back to a network with decent security. * Store all of your passwords in a secure place. e.g. on a strongly encrypted USB thumb drive and keep this drive regularly backed up and physically secure so no-one can ever get access to it or steal it. * Keep your laptop / desktop / etc secure and up-to-date with the latest operating system patches, and keep your data protected with decent, up-to-date virus and malware protection, firewall, and related tools (VPN, etc). * Encrypt ALL of your computer storage, harddrives, thumb drives, and backups with strong passwords, so that they will be inaccessible (as far as possible) if they are stolen or accessed. * Be paranoid. Always ask yourself "what can I be doing to better protect myself ?". If you one of your accounts is hacked, learn from it and make sure you improve your security from now on. Anyway, I could go on and on about security, but that's probably enough for now. ;) Using this Program : -------------------- To use this program, simply unzip it to a directory (using PKUNIP, WinZIP, or similar), and run it. e.g. double click on the "Password Generator.EXE" file. The Future : ------------ In the future, many improvements could be made to this program, such as : - Support for non-English character sets. NOTE: you can do this now via the "Use these Special Symbols" data entry box. Enter whatever characters you like in this box and they will be used. - Keeping track of when you last generated a password of the particular type. - Reminding / prompting you when it is time to generate a new password. - Strategies to thwart hackers who know the password rules. e.g. if a web site only allows passwords with letters, digits, and a few special symbols, such as @, #, and $, and the hackers know this, then they can tailor their attacks to use these characters and apply the same probability to each character. However, by adjusting the probabilities for some characters, it can make things more difficult for the hackers. NOTE: You can do this now, to an extent, by adding characters to the "Use these Special Symbols" data entry box. For example, if a web site only allows passwords with letters, digits, and a few special symbols, such as @, #, and $, then you can add duplicates any allowed characters or letters or numbers to the "Use these Special Symbols" data entry box. For example, the "Use these Special Symbols" data entry box might contain: @@####$$$$$$Kk99 to manually adjust the probabilities for characters you select, making a hacker's job potentially more difficult, because they will be relying on the fact that all characters have equal probability. - Anything else ? If you would like any of these improvements, or would like to suggest more, please email me and let me know. Special Greetings / Thanks to : ------------------------------- - None so far. Program License / Limitations / Restrictions : ---------------------------------------------- This program is FREE software - any person and any company is welcome to copy it, use it, and distribute it as they see fit, as long as the EXEcutable and this text file remain intact. If you find this program useful or funny or think I need serious mental help, please visit my WEB page and check out some of the other software. Warranty : ---------- This software and the accompanying files are provided "as is" and without warranties as to performance or merchantability or any other warranties whether expressed or implied. The user assumes the entire risk of using this software. If you do find any faults with this program, email me and let me know, and I will do my best to fix it ASAP. Amendment History : -------------------- Vers Date Description 1.0 07-Aug-2013 First Public Release. (753 lines of code / comments / blank lines in primary source file.) (56,072 lines of code / comments / blank lines in all primary, library, and include files.) If this program was not downloaded from my Home Page, then it is possibly an old version. The latest version of this program is available from my WEB page - see below. Mike "Moose" O'Malley ____________________________________________________ Moose's Software Valley - Established July, 1996. WEB: http://moosevalley.fhost.com.au/ ____________________________________________________