Posting-number: Volume 5, Issue 59 Submitted-by: "Brandon S. Allbery" Archive-name: pwgen [Dr. Jekyll and Mr. Hyde, anyone? ;-) ++bsa] I've described this program, in its OSI Superboard-II incarnation, in comp.unix.wizards and news.sysadmin. Now, here's the code for a UN*X version. It seems to work OK on ncoast, except for some oddness in the "random" selections -- which are probably the result of our not having a good RNG. (Could someone mail me one or more of the alternative generators? Or maybe even the source to BSD random(), assuming that it falls outside the subset of BSD code that can be traced to AT&T? To put it mildly, our random number generator isn't.) This is not as complete as the original program, which actually had a list of characters (the current one uses phonemes) which were most likely to follow other phonemes. On the other hand, this version does use phonemes rather than characters, so its creations are more pronounceable as a rule than those of the original. The resulting passwords aren't quite as "natural" as the original, however. (That may be for the best; the original was intended as a simple experiment to see if a rule for "proper English words" could be defined in terms of rules which related letters. This was before I got to college and learned that such things were rather unlikely, but the original program still did a pretty good job of spewing out some common English words. That can't be said for *this* program.) To compile: cc -O -o pwgen pwgen.c -lm (The sqrt() function is used in an attempt to produce a random number which is "weighted" toward one end of the range, so as to prefer one end of a list of "spellings" for a phoneme over the other end. It seems to work, but with this rotted RNG, I can't be absolutely certain. A trial distribution seems to be correct, however.) What's the intent? I find that I can remember a "word" better if I can pronounce it. This may or may not be true for other people, but *anything* that encourages the use of random passwords is an improvement on what I typically see at client sites every day. So this program spits out passwords which are virtually guaranteed not to be found in the dictionary, but are (usually) pronounceable to speakers of English. (The tables can be modified for other languages, but they're rather hairy. Perhaps I'll write a version which loads "compiled" language descriptions, and let the compiler deal with the hairy stuff. Hey, they were even hairier in the BASIC version!) Oh, well, shar and enjoy.