PWGen lets you generate secure passphrases using your own PC

May aunt walt lumen thyme, people. Now you all know my secret!

Well, not really, but that's the passphrase that PWGen, a free, open source password generator for Windows, came up with after I tweaked some of its settings.

After telling you about Diceware, which lets you generate passphrases from your browser, it's now time to look at a more robust Windows utility that does the same (but better).

PWGen collects entropy (i.e., "random data") using mouse movements and key presses. So, to get random passwords, you don't need to roll any dice. You just move your mouse around, or mash your keyboard (for me, mashing the keyboard worked faster).

You can have the program create passphrases or passwords. There are a ton of options, such as excluding certain characters, beginning the passphrase with a capital letter, including digits and special characters, etc. I wish I could tell it to start every word in the passphrase with a capital letter, but there's no such option.

Another thing that's missing is "patterns." KeePass has this in its internal passwords generator, and it's very handy for generating pronounceable passwords (which are easier to memorize, since you can say them in your head as words).

Other than these two shortcomings, it's a serious, no-nonsense tool for generating cryptographically solid passphrases. Also, I'd like to take this chance to thank commenter some guy who commented on my Diceware post and let me know how secure these passphrases really are, even if they contain dictionary words. You could be nicer next time around, but thanks for the otherwise informative comment!

Tags: cryptography, gpl, opensource, pass phrase, PassPhrase, password, privacy, pwgen, secrets, security