PWDGEN - Automated Password Generator

Implements the  ANSI X9.17 (FIPS-181)  'Automated Password Generator' standard.
Uses DES (FIPS-46-1) routines in ECB mode to generate pseudo-random numbers.

This program will generate random passwords in one of three modes :
as pronounceable pseudo-words, as random alphabetic character sequences 
and as random (printable) ASCII character sequences.
Usage is :\npwdgen [-a{0|1|2}] [-s{n}] [-l{n}] [-m{n}] [-n] [-h|?]
      n:    Number of passwords you want to generate at once.
            Can be any positive integer number. DEFAULT is 1 each time.
    -a0:    Algorithm 0, generate pseudo-words. DEFAULT.
            Output is comprised by only the 26 lower-case letters
            of the english dictionary and resembles words as in
            natural english.
    -a1:    Algorithm 1, generate ASCII sequences.
            Output may include all printable ASCII characters.
    -a2:    Algorithm 2, generate alphabetic sequences.
            Output may include upper- and lowercase characters
            of the english alphabet.
  -s{n}:    Seed for randomization, any long integer. DEFAULT is 1L.
  -l{n}:    Maximum length of output. DEFAULT is 16.
  -m{n}:    Minimum length of output. DEFAULT is 6.
     -n:    No legal words. DEFAULT is to use legal words.
  -?|-h:    This help screen.

The program will ask you to enter an old password or random string. You can
in fact enter anything here, it is to help the program in beeing even more
'random' when generating a new password. In this version, only eight (8)
keystrokes (characters) will be used, the rest will be disposed.

-------------------------------------------------------------------------------
Legal stuff (to keep the lawyers happy)

PWDGEN and it's documentation is Copyright (c) 1995, Ramin Darakhschani.

This program is heavily based on the code found in appendix A of the FIPS-181
Publication. Although it is a port and rewrite, the 'innards' of the DES 
routines were left almost the same. I just don't understand enough of 
cryptography to go changing 'artwork' originated by others.
What WAS done, was a) porting the code to OS/2, b) eliminating the 500-plus
warnings the compiler generated due to sloppiness in the original code,
c) rewriting some portions of the program and eliminating redundant code 
contained in the original, d) extensive debugger checks on the executable
to ensure it does what it is supposed to do, and e) add documentation.

The original C code was originated AFAIK at the NIST in the USA, and the DES
portion is tagged as beeing for 'demonstration purposes only' and devoid of
any kind of warranties, but it should be reliable since it is esentially the
same as five other DES libraries I have on my disk.

Based on above stated facts, the following may (or not) apply to this software:
- Those of us outside the US may possibly not be supposed to have this 
  program and it's source code at all. The United States does not like software
  with cryptographic capabilities to be exported, and some other countries
  don't like their citizens to use cryptographic 'devices' at all.

- This software has been made outside the US, but if introduced into
  the US it may be illegal to re-export it, so don't take the risk.

- This program (pwdgen.exe) is not guaranteed to be of any use at all,
  and there is no guarantee that it will either perform or not perform
  the functions it is supposed to perform (generate random passwords).

- The (all) intellectual rights on the METHODS AND ALGORITHMS implemented
  in this software stay with their author(s), and lastly, with the people
  of the United States of America. They payed the taxes which were used to 
  develop these standards, they deserve all our gratitude. THANK YOU ALL !

- I reserve all rights on this specific IMPLEMENTATION of the methods
  and algorithms as described in FIPS PUB 181 and demonstrated in the
  C code in it's Appendix A, that is, I have all rights over the executable
  and this documentation which I provide to you free of charge, as well as 
  over the C source code resulting from my vast changes to the original,
  and which you can not get from me. The only right you acquire to your copy
  is to use run (execute) it in accordance with the documentation.

Further conditions of license are :
- The program and it's accompanying documentation ('software') are provided
  to you free of charge. This software is not freeware. I am merely
  providing you with a program which is IMHO reasonably free of bugs,
  with intention to demonstrate it's functionality.

- By using this program, you assume all risks derived from its usage.
  If you don't like it, don't use it, and always remember that you are
  getting this for free.

- You may distribute this software as you see it fit, as long as it stays
  unaltered and this documentation is provided together with the executable.
  I do even EXPECT you to give copies of this software to everybody you know.

- You will never ever say a bad word about me for providing you with 
  this software.

- You will never ever charge anything for this software. In the event of
  distributing it, you may not charge for distribution more than what 2 (two) 
  BigMac's or one Pizza cost in your country.

- You may use this software, at any given time, on as much machines and/or
  processors may be available to you concurrently.

- You may use this software for personal, business or both purposes, as long
  as you understand there is NO WARRANTY for anything this software does or
  fails to do and you don't expect any gain or any avoidance of loss to be
  the result of using this software.

- You may NOT reverse engineer or modify the executable or this documentation
  in any manner.

- You are allowed to use this software until date 30.JUNE.1996. After this
  date the executable will stop working anyway. There should be a newer and
  improved version of this program available by then, so this is also to your
  advantage.

- You will never blame me for security incidents at your site, since these
  are most likely due to the stupidity of the administrator(s) of your site.

Last but not least, all products and trademarks mentioned in this text are,
of course, property and/or trademark/copyright of their respective owners.
-------------------------------------------------------------------------------

And now for the fun part.


What does this software (claim to) do ?

As stated above, it generates pseudo-random strings of characters which can
be used as passwords for computer applications.



Why would (should) I use this program ?

This is not easy to answer, but let's try anyway. 
In today's computing environments, most applications which feature some kind 
of 'protection' or 'authentication' mechanism, will require the user (you)
to enter some kind of password in order to either identify yourself to the
system, to access a specific document, or for other purposes.

This kind of access control is quite effective, but it can be weakened when
users use 'bad' or 'weak' passwords, as most of them tend to do most of the
time, and due to sloppiness of the site administrator. These 'bad' passwords 
which are used by people most time can be put in different categories :
- The names of relatives, a birthdate, car number, an ID-document number or 
  a word describing another thing which is related to the user, making this 
  'password' easy to guess if one knows the person to some extent.

- Any word chosen at random. This will probably make the password a bit more 
  difficult to guess, but if an attacker has specialized software at it's
  disposal, a so-called 'dictionary-search' attack will almost surely reveal 
  the used password within minutes or hours. Transposing letters or using
  a foreign language will do no better, it will at best delay a determined
  attacker for a short period.

- A random number or sequence of characters. These are surely the best ones
  to use, but will be difficult to remember, which will incentivate the user
  write it's password down somewhere. Short passwords of this type can be 
  cracked by brute force within brute force, longer ones are difficult to
  remeber.

Here is what this software claims to be useful for : to generate random strings
of characters which look like words but are not actually words. This kind of
passwords have two advantages over those which a user may chose at 'random' :
- They are not easily guessable and are not in any dictionary or 
  word collection used by crackers. As stated in the FIPS standard text, 
  the algorithm used is able to generate about 18 million 6-character 
  words, 5.7 billion 8-character words and 1.6 trillion 10-character words.
  in the standard (-a0) mode, which should be enough to support the password
  needs of a big user community over years.

- They can easily be remembered since they resemble natural words 
  to some extent, which obviates the necessity of the user to write them down
  and make them accessible to third persons unintentionally.

In short, you would use this software if :
- You wanted to make it infeasible for your colleagues at work to guess
  your password and so snoop into your documents.

- You were a network administrator and wanted to stop your users from
  using the name of their favorite pet or their spouse or children as a
  password, as well as to implement and incentivate a better approach to 
  security among your users.

- Your networking software does not provide a password generating facility,
  as is the case with almost all software on the market.



When you would NOT use this software, or what it does not protect you against :

- If your were working in a military-grade security environment, as you have
  no guarantee at all as to wether I or somebody else might have introduced 
  some 'nasty' functionality in the software. In this case you are advised to
  procure your own utilities thru secure channels, or write them yourself.

- Almost all word-processing and spreadsheet software available on the market
  do have some sort of 'password protection' for their documents. While these
  features might stop your colleagues from peeking into your documents, they
  are no protection against somebody with the knowledge about cracking them,
  and good passwords are no protection in case somebody with the knowledge and
  skill wants to get at your data.

- If you write down your password, as long and 'weird' as it might be, there
  is no protection to be expected. The same applies to sharing your password
  with somebody else.

- If the administrator of your LAN is a stupid enough, he might unintentionally
  provide physical and/or root access to some network server, which leaves 
  potential for anybody to get hold of the user (domain) database, in which 
  case the attacker could decide to try to crack it. Remember that encryption 
  capabilities present in most commercial systems are either crippled, badly 
  implemented or both.

In short, even a good password will not protect you against stupidity 
or bad cryptography.



Some Usage Tips :

- When generating a new password, be sure nobody is looking at your screen
  or is behind you. It is best to ensure that you are alone in the room when
  generating a new password. Taking such measures will have the positive
  effects of making involuntary disclosure of your password unlikely, and
  to give you plenty of time to memorize your new password.

- Don't use too short passwords. Regard anything below 8 characters in length
  as beeing insecure. Even 8 characters in length is a compromise, since
  some old software around will not allow passwords any longer.

- Don't use too long passwords either. While the longer the password is the 
  more secure it will be against discovery, it will also be more difficult
  to memorize and may force you to write it down in order to not forget it.

- Always memorize your password. If the program has generated a password which
  you consider difficult to memorize then run it again, chances are there will
  be a more 'acceptable' output. For the purpose of memorizing your password,
  take into account that the human mind will remember around seven (7) related
  'things' at once with relative ease. These related 'things' could be a phrase
  with seven words, a word composed of seven syllabes, a phone number, ...
  Explore for yourself what is the number of related 'things' you can best
  memorize at once.

- When generating and memorizing your password, take yourself ten to fifteen 
  minutes in a comfortable and quiet room, preferrably during the morning.

- Do never write your password down anywhere, and do never share your password
  with anybody. Regard your password as a device comparable to your house key
  or your credit card and handle it accordingly.

- If you are a network administrator, give your users access to this software
  (from a read-only drive on a server) so they can change their passwords each
  time they consider it necessary.

- If your networking or application software supports timing out passwords
  after some amount of time, you should use this capability. If this capability
  is not automatically supported at your installation, you should instruct
  the users of your system to change their passwords after a reasonable amount
  of time, based on the sensibility of the data material you intend to protect.
  For some scenarios, changing your password once a year may be enough, if you
  have more sensible data material to protect, obsoleting passwords after six
  months, three months, one month or even weeks or days may be necessary.
  You should find a balance between protection needed by the data material
  based on it's sensitivity and the given threat scenario, and (hopefully) not
  overburdening your users. 'Reasonable' might be to change your LAN password
  every three (3) months, or, if you were working for a bank, to change it
  every 30 to 45 days at most.



Miscellaneous stuff

- Will there be future version ?
  Yes, and they will include bug fixes as well as functionality improvements.
  When I consider the 'testing' period over, there might even be a commercial
  release of this software, either bundled with other stuff I am working on
  or alone.
  Future releases may (or not) include following changes / improvements:
  * Replaceing the DES code with some other more 'realistic' crypto routines.
    DES is over 15 years old and considered obsolete, and it may be problematic
    to use it from the legal side as well.
  * A nice PM version, perhaps even rewritten in C++.
  * Signal handling, multithreading, better memory (heap) handling.
  * Integration and with IBM's LAN Server and usage of it's API's.
  * A recompilation for the Power-PC if IBM manages to put out OS/2 for PPC
    and the hardware in reasonable quantities.
  * Any suggestions ?

- Will there be a Windows-NT version ?
  If the people working in the GNU C compiler manage to release a usable
  product, yes. The same applies if you decide to donate an MS-C compiler
  which will make Windows-NT programs to me.

- Will there be DOS, Windows-3.1, Windows-95 versions ?
  Never, unless everybody on the net spams me with requests AND somebody
  donates a decent DOS / Windows compiler to me.

- Will there be Unix(TM) versions ?
  Most Unix(TM) derivates do include some sort of password generation facility,
  so it will probably not be necessary.  Ask your site administrator about the
  PWDGEN service.

- How can I contact you (the author) ?
  At the time beeing, you can only contact me only over the Internet, 
  at the address

	Ramin.Darakhschani-Mayer@giga.or.at

  This mailbox will be checked irregularly (once - twice a month), but all
  suggestions, flames, bug reports are welcome, and you will get a response
  ASAP to anything you write.

- How do I register ?
  At this time and until further notice you are not required to register.
  When I decide that this software has evolved enough as to justify asking
  you for cash, I will do so. You are always welcome to tell me that you find
  this program useful and tell me that you are using it. If you do so and 
  include your e-mail address, I will notify you directly when a new version
  is released.

- What are the distribution sites of this software, where do I get new
  releases ?
  New releases will be announced on the Usenet to following groups:
  alt.2600.moderated
  comp.os.os2.announce
  alt.org.team-os2
  
  The software will be distributed to following sites on the Internet:
  ftp-os2.cdrom.com
  eris.giga.or.at
  ftp.leo.org

The archive file containing this software will be PWDGENmnn.ZIP, where mnn
will be :
* m for the major version number
* nn for the minor version number
A major version number of 0 (zero) means that the software is an alpha or beta
release, and is to be considered error-prone and for test purposes only.

The archive will contain 3 files :
- PWDGEN.EXE	The executable
- PWDGEN.TXT	The documentation, this file
- PWDGEN.NEW	Documents the changes in the subsequent releases.
- PWDGEN.MD5	The MD5 signatures for PWDGEN.EXE, PWDGEN.TXT and PWDGEN.NEW,
	 	which are provided so you can test there has been no tampering
		done to the files.

I will as well distribute it to some places over the FidoNet, but the main
distribution medium will be the Internet.