Passwords: How to generate random passwords that are strong and secure
To generate random passwords that are strong and secure, we use this guideline:
- All lowercase letters. We do this to improve usability for people with mobile devices and with disabilities.
- Omit the letters "i", "l", "o" to improve readability, because these letters are confusable with numbers.
- Twelve letters long. This is stronger than a password with uppercase and lowercase letters, numbers, and symbols.
To generate random passwords, we use the Unix system kernel random number source device called "urandom".
To generate random passwords in some of our Ruby applications, we use the Ruby method called "secure random".
blog comments powered by