Characters to avoid in automatically generated passwords

Question 1

Characters to avoid in automatically generated passwords

security passwords user-experience

Loofer · Sep 11, 2008 · Viewed 15.4k times · Source

Answer

Answer

Here are the character sets that Steve Gibson uses for his "Perfect Paper Password" system. They are "characters to allow" rather than "characters to avoid", but they seem pretty reasonable for what you want:

A standard set of 64 characters

!#%+23456789:=?@ABCDEFGHJKLMNPRS
TUVWXYZabcdefghijkmnopqrstuvwxyz

A larger set of 88 characters

!"#$%&'()*+,-./23456789:;<=>?@ABCDEFGHJKLMNO
PRSTUVWXYZ[\]^_abcdefghijkmnopqrstuvwxyz{|}~

For pronounceable passwords, I'm not familiar with the algorithms but you might want to look at APG and pwgen as a starting point.

Question 2

I need to generate some passwords, I want to avoid characters that can be confused for each other. Is there a definitive list of characters I should avoid? my current list is

il10o8B3Evu![]{}

Are there any other pairs of characters that are easy to confuse? for special characters I was going to limit myself to those under the number keys, though I know that this differs depending on your keyboards nationality!

As a rider question, I would like my passwords to be 'wordlike'do you have a favoured algorithm for that?

Thanks :)

Characters to avoid in automatically generated passwords

Answer

Related questions