We all know the importance of a secure password in our system, services, online account, and other critical applications. The important point is to generate a password that is secure enough to rely on and that follows all the basic requirements of a strong password. The common thinking is that a strong password must be of a minimum of 14 characters and contains lowercase letters, upper case letters, numbers, and symbols. Also, a password should not be based on common names and dictionary words. In this article, we will be discussing some tools in Linux through which you can generate such secure and strong passwords.
We have run the commands and procedure discussed in this article on Debian 10 system. Some of these tools are command-line based while some are based on GUI. To open the command-line Terminal in Debian, go to the Activities tab in the top left corner of your desktop. Then in the search bar, type the keyword terminal. When the search result appears, click on the Terminal icon to open it.
Method 1: Using OpenSSL
Open SSL is a command-line utility whose rand function can be used for generating secure random passwords in a Linux system. Just specify the byte length of the password you want to generate and OpenSSL will perform all the computation and generate password. If the output of rand function is fed to the base64 encoding, password format can be made more user-friendly. Base 64 encoding uses “A–Z, a–z, 0–9, + and /” characters only.
OpenSSL is pre-installed in most of the Linux distributions. However, it may lack the rand function. To install the rand function in OpenSSL, execute this command in Terminal:
$ sudo apt install rand
To generate secure passwords using OpenSSL rand function, execute this command in Terminal:
$ openssl rand -base64 14
Where,
- Rand: OpenSSL function that generates a pseudo-random password
- -base64: ensures that the password format is user-friendly
- 14: Length of the password
Method 2: Using the pwgen utility
Pwgen is another command-line utility that can be used to generate secure passwords. It generates such passwords that users can easily memorize.
Pwgen is not already installed in the Linux distributions. So in order to use Pwgen, you will have to manually install it. Execute this command in Terminal to do so:
$ sudo apt-get install pwgen
It will take a while depending upon your internet speed after which it will be installed on your system.
The pwgen “help” command includes a lot of options using which you can customize the password. Use the following command to see the help:
$ pwgen --help
The general syntax of Pwgen command is:`
$ pwgen [ OPTIONS ] [ passwd_length ] [ num_passwd ]
Here are some of the useful options that can be used with the pwgen command:
-c: Add minimum one capital letter in the password
-A: Do not add capital letters in the password
-n: Add minimum one number in the password
-0: Do not add numbers in the password
-y: Add minimum one symbol in the password
-s: Create an entirely random password
-B: Do not add vague characters in the password
To generate one 16 character password, the following command can be used:
$ pwgen 16 1
Now let’s try adding some options in the pwgen command to generate an entirely random password that contains symbols in it. The command, in this case, would be:
$ pwgen -ys 16 1
If you compare the output of both commands, you can see the latter one is more complex and includes symbols.
Method 3: Using the GPG utility
GPG is an open-source command-line utility for generating secure passwords in your Linux, Microsoft Windows, and Android systems.
For instance, the following command will generate a secure random password of 16 characters in an ASCII armored format.
$ gpg --gen-random --armor 1 16
Method 4: Using the Perl utility
Perl is another command-line utility that can be used to generate a secure random password in Linux systems. It is available in the Debian official repositories, therefore can be installed using the apt-get command.
Execute this command in Terminal to install Perl utility:
$ sudo apt-get install perl
Once the Perl is installed, follow the below procedure in order to generate secure random password:
First, we will have to create a new Perl program. To do so, open a new file in any text editor.
Here, we will use Nano editor to open a new file named “passwordgen.pl” using the following command in Terminal.
$ nano passwordgen.pl
Add the following lines in your file “passwordgen.pl”:
#!/usr/bin/perl
my @alphanumeric = ('a'..'z', 'A'..'Z', 0..9);
my $randpassword = join '', map $alphanumeric[rand @alphanumeric], 0..8;
print "$randpassword\n"
Once done, press Ctrl+o and Ctrl+x simultaneously to save and exit the file. 
Then run the following command in Terminal to run the Perl program:
$ perl passwordgen.pl
It will generate a password which you can use anywhere you want.
Method 5: Using the Revelation UI Application
All the methods we have discussed until now were command-line based. Now let’s have a look at some methods of password generation through the GUI. One of such tool is Revelation through which you can generate customized secure passwords.
To install Revelation, execute this command in Terminal:
$ sudo apt-get install revelation
The system might provide you with a Y/n option to continue the installation. Hit Y to continue and the Revelation application will be installed in your system.
Once installed, open the Revelation application either through the Terminal or searching through the Activities tab.
When the Revelation application opens, go to View > Password Generator option. It will open the Password Generator dialog box in which you can specify the length of the password. Check the box at the bottom if you want to add punctuation characters in passwords. Then click the Generate button to generate a secure password.
Now go to the View > Show Passwords from the top menu bar. It allows you to view the generated passwords in readable form instead of in hidden asterisk form.
Method 6: Using the UI Keepassx application
The Keepassx, published under GNU General Public License is a cross-platform password management application. It keeps various information such as username, password, URL, notes, etc in a single database.
In order to install Keepassx application in your system, run the following command in Terminal:
$ sudo apt-get install keepassx
Hit Y when the system prompts you with a Y/n option. Once the installation is finished, you can launch the application either through the Terminal or searching through the Application list.
Follow these steps to generate a strong password through the Keepasx application:
- From the top menu bar, go to Database > New database, and add the master key by entering it twice.
- Then go to Groups >Add a new group. Here enter a group name and then click OK.
- The next step is to Go to Entries > Add New entry.
You will see the following view. Here click on the Gen button to generate a password.
Here you can also specify graphically if you want to add small and capital letters, numbers, and symbols. You can also specify if you do not want to include look-alike characters.
So these were some ways including both GUI and command line through which you can generate secure passwords in your Debian system. These secure passwords can then be used anywhere on the internet and your system applications. It is always recommended not to save these passwords in a file in your system as it may be accessed by some unauthorized users.
