Password Generator

Personally I don’t like generated passwords but a little while ago I found myself wondering how difficult it would be to write a short bit of ‘C’ to generate a random password made up of three-letter groups consisting of a consonant, a vowel, and a consonant, as this is supposed to produce sequences that are not completely unpronounceable, which makes them easier to remember (in theory anyway).

If you just want a random password there are arguably a number of better password generators available (including ‘apg‘,’pwgen‘, and ‘makepasswd‘) but I was interested in seeing if random passwords made up of three-letter groups were actually easier to pronounce and possibly remember (which is why I’ve left out some of the least common letters).

I also decided to include some common letter substitutions that can be used to ‘munge‘ passwords in order to them harder to guess and to allow the passwords to be any length by padding them with numbers (and possibly also special characters, though I’ve come across quite a few web sites where special characters actually cause problems when used in passwords).

 * pwdgen.c
 * Random  Password  Generator  to generate passwords made up from  triplets
 * consisting of a constant, a vowel, and a constant.
 * This  program is free software: you can redistribute it and/or modify  it
 * under  the  terms of the GNU General Public License as published  by  the
 * Free  Software  Foundation, either version 3 of the License, or (at  your
 * option) any later version.
 * This  program  is  distributed in the hope that it will  be  useful,  but
 * WITHOUT   ANY   WARRANTY;   without  even   the   implied   warranty   of
 * Public License for more details.
 * You  should have received a copy of the GNU General Public License  along
 * with this program.  If not, see <>.

#include <stdio.h>
#include <string.h>

#define PASSWORDS 5 /* How many passwords to generate. */
#define LENGTH 11 /* Length of the password. */
#define SIZE 3 /* Size of letter group, use an odd number greater than 1. */

char consonant[] = "bcdfghkl1mnprs5tvwy";
char vowel[] = "a4e3io0u";
char digit[] = "123456789";

/* To  make  the passwords a little less predictable I  have  included  some
 * common digit substitutions in the lists of allowed letters and vowels. You
 * could also include special characters but they are not always allowed. */

int main(int argc, char *argv[]) {
  int  loop; /* Counts passwords generated. */
  int  i,j; /* Counters for characters in each password. */
  char passwd[LENGTH + 1]; /* Character array to hold password 'string'. */

  /* Seed random number generator with an unsigned value. */
  srand((unsigned)(time(NULL) * getpid()));

  for (loop = 0; loop < PASSWORDS; loop++) {

    /* Generate letter groups. */
    for (i = 0; i < (LENGTH / SIZE); i++) {
      for (j = 0; j < SIZE; j++){
        if ((j % 2) == 0) /* Alternate vowel, constonant. */
          passwd[i * SIZE +j] = consonant[rand() % strlen(consonant)];
          passwd[i * SIZE +j] = vowel[rand() % strlen(vowel)];

    /* Pad out password with digits if required. */
    i *= SIZE;
    while (i < LENGTH) {
      passwd[i] = digit[rand() % strlen(digit)];

    /* Terminate password 'string' with a null character. */
    passwd[LENGTH] = '\0';

    /* Print password in groups of three letters. */
    for (i = 0; i < LENGTH; i++) {
      if (((i % SIZE) == 0) && (i >0)) printf("%c",'-');
      printf ("%c",passwd[i]);

Obviously the ‘randomness‘ of the passwords is important which is why I’ve used the ‘time()’ and ‘getpid()’ functions when seeding the random number generator, so the output of the program should be different every time it is run.


When written down the ‘munging’ of the password does make it quite hard to read, but I have to admit that I do find the three-letter groups quite easy to pronounce. However, I’m still not convinced that the resulting passwords are any easier to remember than other computer generated passwords!

This entry was posted in Programming, Security and tagged . Bookmark the permalink.

One Response to Password Generator

  1. jonathan barrow says:

    The problem with generated passwords is that you can`t remember them all. One alternative is to use a strong, hard-to-crack passwords with a password manager like lastpass to save you forgetting them.

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s