Show HN: Passgen – Offline C password generator (opens in new tab)

(github.com)

1 pointssilentpuck0y ago3 comments

3 comments

3 comments · 2 top-level

fainpul0y ago· 1 in thread

I usually use something like this:

  openssl rand -base64 20

or if openssl is not available:

  head -c 20 /dev/random | base64

It encodes 20 random bytes in base64. Due to how base64 works, using 20 bytes ensures there is always an equals sign at the end. So the password contains uppercase, lowercase, numbers and special characters. Although it's not bulletproof - it could theoretically (I think) generate base64 strings without numbers or only lowercase letters etc.

silentpuckOP0y ago

Thanks! That's a solid method and definitely a good fallback when openssl or base64 are available.

passgen is more of a "C-first, offline, no-dependencies" tool — aimed at setups where even those might be unavailable or untrusted. But I’ll definitely keep developing it further, and may add some of the ideas you mentioned. Appreciate the input!

smidgeon0y ago

Anyone who would run a random binary downloaded from the internet will probably be using the password "password"

j / k navigate · click thread line to collapse