7

I am currently looking for a password generator which produces pronounceable passwords. I used this random password generator a few years ago to generate a 42-character password and found it remarkably easy to remember. Even after all this time (and I don't have to type that password that often), I can remember and type it without making any mistakes and without having to think about it too much. It is a completely nonsensical sequence of letters, but it basically follows the pattern of alternating between consonants and vowels, which I guess makes it so easy to remember (at least for me).

However, as I already suspected it back then and as is mentioned in this question, generating passwords online might be insecure. But I am not really sure what else to do, as I haven't found something similar which works locally.

So my question is, is there any tool that produces the same kind of passwords in a secure way?

Simon Lehmann
  • I have mainly 2 password generation/memorization techniques. One of them is to generate a random string using any tool, then to memorize it using the [NATO phonetic alphabet](https://en.wikipedia.org/wiki/NATO_phonetic_alphabet). For example, `R+c0KMjHi$Vw`. After a couple of minutes of thinking it's easy to come up with a memorable story "Romeo and Charlie weigh zero kilos. Mike and Juliett are in a hotel in India, expensive hotel. Victor is drinking whiskey". After 3-4 uses, it's not easy to forget. Notice that the story, for the most part, makes no sense, making it more memorable. – Adi May 09 '13 at 14:15
  • Also, possible duplicate: http://security.stackexchange.com/questions/662/what-is-your-way-to-create-good-passwords-that-can-actually-be-remembered – Adi May 09 '13 at 14:18
  • 1
    Well, interesting method, but I don't think it works for me. I would have to learn the alphabet first and also have to remember which parts of the story translate into a character and which don't (for example, the words 'weigh' and 'kilos' are left out). Maybe super secure, but hard to remember, at least for me. And I am really no good at creating "stories" or "phrases" like that. – Simon Lehmann May 09 '13 at 14:38
  • 1
    And I don't see how the other question is a duplicate. It asks about any method to generate/remember good passwords. Maybe I should have asked more specifically about this exact type of passwords generated by the website I mentioned. – Simon Lehmann May 09 '13 at 14:42
  • Related: http://security.stackexchange.com/q/51319/8340 – SilverlightFox Jul 28 '15 at 12:23
  • @Adi, why not use the sentence as password then? :) – Nemo Nov 08 '15 at 08:53

8 Answers

7

Step 1: Find a large dictionary file

Step 2: Feed that dictionary file into a RNG written in python or any other scripting language.

Step 3: Concatenate four random words in this manner.

Step 4: You got your secure and pronounceable password.

Obligatory XKCD.

See also: Diceware.

  • 3
    Ok, I guess this could work. I am a bit reluctant to use actual words though, as I tend to confuse them. Words always have some meaning, which can help in memorizing them, but to me it also creates opportunities for getting it wrong. I really like the completely nonsensical approach of the generator I mentioned... – Simon Lehmann May 09 '13 at 14:48
  • The open source [RandGen app](https://play.google.com/store/apps/details?id=gr.allamanis.randgen#?t=W251bGwsMSwxLDIxMiwiZ3IuYWxsYW1hbmlzLnJhbmRnZW4iXQ..) for Android implements this scheme. – Michael May 12 '13 at 19:02
  • @SimonLehmann Very true, hadn't thought of that. Indeed the meaning of a word can make one remember synonyms instead... I personally use random passwords, but a password's strength is really in their length so I should switch. – Luc May 12 '13 at 21:45
6

If the site you mention has a predictable way of creating your passwords (in this case, the pattern of consonant - vowel - consonant...), well, your password doesn't really have all those 42 random characters.

Actually it has: (23 *5) ^23 possibilities = 2.5 * 10^47 possibilities.

That's a very big number. Compared to the XKCD method, it's similar to using 14 random words. So, if that combination is easy enough for you to remember, continue with it. And since you state in your profile that you know how to program, then simply make a program that will generate a number between 1 and 23 (and print the corresponding consonant), then generate a number between 1 and 5 (and print the vowel), and so on.

Pseudocode:

for i = 1 to 23
    cons = random between 1 and 23;
    if cons = 1, print "b"
    if cons = 2, print "c"
    ... and so on
    vowel = random between 1 and 5;
    if vowel = 1, print "a";
    if vowel = 2, print "e";
    ... and so on
next i
woliveirajr
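The consonant/vowel scheme from the answer above, as a runnable Python sketch added here (not the answer author's code): it draws each letter with `secrets` instead of `random`, and computes the entropy that remains when an attacker knows the pattern. The 21-consonant alphabet, the 42-character default and the 2048- and 7776-word list sizes used for comparison are assumptions of this example.

```python
import math
import secrets

# Assumption of this example: 21 consonants ('y' counted as one) and 5 vowels.
CONSONANTS = "bcdfghjklmnpqrstvwxyz"
VOWELS = "aeiou"


def pronounceable_password(length=42):
    """Alternate consonant/vowel, each letter drawn independently."""
    if length < 1:
        raise ValueError("length must be positive")
    # secrets.choice uses the OS CSPRNG and picks uniformly; the random
    # module (Mersenne Twister) is predictable and unsuitable for passwords.
    return "".join(
        secrets.choice(CONSONANTS if i % 2 == 0 else VOWELS)
        for i in range(length)
    )


def follows_pattern(password):
    """True if the string strictly alternates consonant, vowel, consonant..."""
    return all(
        ch in (CONSONANTS if i % 2 == 0 else VOWELS)
        for i, ch in enumerate(password)
    )


def entropy_bits(length=42):
    """Entropy assuming the attacker knows the pattern and both alphabets."""
    n_consonants = (length + 1) // 2   # positions 0, 2, 4, ...
    n_vowels = length // 2             # positions 1, 3, 5, ...
    return (n_consonants * math.log2(len(CONSONANTS))
            + n_vowels * math.log2(len(VOWELS)))


def equivalent_words(bits, wordlist_size=2048):
    """Uniformly chosen words needed from a list to reach at least `bits`."""
    return math.ceil(bits / math.log2(wordlist_size))


if __name__ == "__main__":
    bits = entropy_bits(42)
    print(pronounceable_password(42))
    print(f"{bits:.1f} bits of entropy")
    print(f"{equivalent_words(bits)} words from a 2048-word list")
    print(f"{equivalent_words(bits, 7776)} words from a 7776-word Diceware list")
```

The entropy figure only holds if every letter comes from a uniform, unpredictable source, which is why the generator must run locally on a CSPRNG and not be edited by hand afterwards.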
5

pwgen for Linux produces configurable pronounceable passwords. It will likely be in your distribution's package management system.

$ pwgen
Po2Echor dah8Ail7 Igahhui6 ooQue0oo si3eeGh6 ohfu9Phu aehuCh3E Eephae4I
quuyohW2 da3xeePh oghai3De fah8sohK Sah0iehi nupoo9UT ahG2eija Isoo4eiw
huo7ouRo aik6pohH veigai7U YouJ1wae OhgiuW9V oe6rah0R Fah2le0T boh5Taid
...

Or from your example:

$ pwgen 42 --no-numerals --no-capitalize
oethueroodoyulexahjohsahngeogaxaekaezeephu
fazeenoopoongaepheiseiyughahchohngoajoimae
pohdeevuvahlailohkaimajaophahphiejiquousho
...
Michael
3

Tom Van Vleck has written a JavaScript pronounceable password generator (as well as ports to Java, C, and iOS). I took his work and created a passphrase generator that combines multiple words into a configurable length phrase.

Xiong Chiamiov
  • Just to add to this, remember that there is no requirement that you use the exact output of any pwgen. For example, Xiong's generator just created "rairchry tontecul", which I would transliterate into real, memorable words, creating a more usable pass phrase of "rain cherry Tonto cull". It's just another way of quickly arriving at the same results provided by the "correct horse battery staple" method. – John Deters Dec 10 '14 at 21:12
2

Have you seen Diceware passphrase generation method? Basically, you roll dice to pick random English words to compose a passphrase.

For instance, if you were to roll

66561 23211 12413 44165 63544

You would generate a passphrase of

72nd ditch arab oat weal

Which isn't terribly great, but you can always keep rolling dice to increase the length, and throw in some punctuation and you'd have a terribly secure passphrase.

Honestly though, by the time you've rolled the dice (instead of using a pseudorandom computer algorithm right?), written down the results, found the corresponding entries in the diceware list, added punctuation etc, memorized your new weird passphrase, then destroyed the results (I hope you didn't write it on a pad of paper that left impressions)...well...you probably could have just thought up a sufficiently good passphrase yourself.

I do find it good though if you need some random inspiration!

Brad
1

LastPass password generator has a 'pronounceable' option.

I generated this one for an example:

scallendoparaftsmirr
schroeder
1

May I present my Diceware sheet to generate pronounceable passwords using real-life dice: Pronounceable Diceware Password Generator (PDF)

-1

In my opinion the most powerful and most flexible password generator you can get (for free) is this one: https://www.gaijin.at/en/software/passwordgenerator

If you ask for pronounceable words and syllables I can recommend this tool: https://www.sttmedia.com/wordcreator

Within seconds it generates thousands of random pronounceable syllables. Such a list can be exported and used as a word list in the tool mentioned above.