This password generator gives you a list of "pronounceable" passwords. It is modeled after Morrie Gasser's original generator described in
except that Morrie's used a second-order approximation to English and this generator uses a third-order approximation. A descendant of Gasser's generator was added to the Multics operating system by Project Guardian in the mid 70s, and I believe Digital's VMS added a similar feature in the 80s. FIPS Standard 181 describes a similar digraph-based generator, derived from Gasser's.
The best way to use generated passwords is to modify them in ways known only to you. Make some letters capital, or insert punctuation and numbers, or generate two passwords and combine them.
If you wish to secure extremely valuable assets, consider using better sources of randomness, longer passwords, or stronger methods than passwords. See RFC 4086, Randomness Requirements for Security, D. Eastlake, 3rd, J. Schiller, S. Crocker. June 2005.
Reusing passwords is very risky. Generate fresh ones for each need and store a list in an encrypted file. (Static or reusable passwords are obsolete. If you have a choice of authentication methods, look for a stronger method than passwords.)
The button below is displayed by a small applet. Clicking it downloads and runs a large class. Randomness in this implementation comes from the constructor for the Java class Random().
You are welcome to use the Java source of the password generator, if you
The generator is available in C/C++, in a version that allows you to supply your own dictionaries.
updated 01/24/97 to work around AWT bugs on UNIX. Tested with Netscape on Solaris, Win95, and Mac
updated 07/31/97 to work around Java 1.1 problems with Netscape 4.0.