There are a lot of places with obnoxious limitations to the characters you can put on a password, or even worse, to te length of it.

If you don't take anything away from this post, at least take that: password fields should allow any character and be long enough for your users to not notice ever the length constraint.

There are people using password generators and pasting 250 character long strings. Make their life easy, because they are doing their part.

But, alas, if you don't use a password manager but still want to have secure passwords, that are easy to remember but hard to guess, then the best tip on the internet is this:

xkcd: Password Strength

And if you know me, I usually face problems by throwing ruby at them, so, here we go:

Assumptions:

• you are on GNU/Linux or you can provide a text file with a list of words for your target language
• you have ruby installed

Code:

#!/usr/bin/env ruby

# https://www.xkcd.com/936/
module PasswordGenerator
  extend self

  # replace this with your language:
  WORDS = '/usr/share/dict/spanish'

  def run
    puts((1..4).map { safe_words.sample }.join(" "))
  end

  private

  SAFE_SET = /\A[A-Za-z]+\Z/.freeze

  # avoid non-ascii to save trouble
  def safe_words
    @safe ||= words.select{ |w| SAFE_SET.match(w) }
  end

  def words
    @words ||= File.read(WORDS).split("\n")
  end
end

# this executes the run method if the file is run as a command
PasswordGenerator.run if __FILE__ == $PROGRAM_NAME

The intended use is to run it a couple of times until some combination of words hits you with an image or story you feel able to retain.

Cover Image by Jan Alexander from Pixabay