Provided by: pwgen_2.06-1ubuntu2_amd64 bug

NAME

       pwgen - generate pronounceable passwords

SYNOPSIS

       pwgen [ OPTION ] [ pw_length ] [ num_pw ]

DESCRIPTION

       The pwgen program generates passwords which are designed to be easily memorized by humans,
       while being as secure as possible.  Human-memorable passwords are never  going  to  be  as
       secure  as  completely completely random passwords.  In particular, passwords generated by
       pwgen without the -s option should not be used in  places  where  the  password  could  be
       attacked  via  an  off-line  brute-force  attack.   On the other hand, completely randomly
       generated  passwords have a tendency  to  be  written  down,  and  are  subject  to  being
       compromised in that fashion.

       The pwgen program is designed to be used both interactively, and in shell scripts.  Hence,
       its default behavior differs depending on whether the standard output is a tty device or a
       pipe to another program.  Used interactively, pwgen will display a screenful of passwords,
       allowing the user to pick a single password, and then  quickly  erase  the  screen.   This
       prevents someone from being able to "shoulder surf" the user's chosen password.

       When standard output (stdout) is not a tty, pwgen will only generate one password, as this
       tends to be much more convenient for shell scripts, and in order  to  be  compatible  with
       previous versions of this program.

       In  addition,  for  backwards  compatibility  reasons, when stdout is not a tty and secure
       password generation  mode  has  not  been  requested,  pwgen  will  generate  less  secure
       passwords,  as  if the -0A options had been passed to it on the command line.  This can be
       overriden using the -nc options.  In the future, the behavior when stdout  is  a  tty  may
       change,  so  shell  scripts  using pwgen should explicitly specify the -nc or -0A options.
       The latter is not recommended for security reasons, since such passwords are far too  easy
       to guess.

OPTIONS

       -0, --no-numerals
              Don't include numbers in the generated passwords.

       -1     Print the generated passwords one per line.

       -A, --no-capitalize
              Don't bother to include any capital letters in the generated passwords.

       -a, --alt-phonics
              This  option  doesn't  do  anything  special;  it  is  present  only  for backwards
              compatibility.

       -B, --ambiguous
              Don't use characters that could be confused by the user when printed, such  as  'l'
              and   '1',  or  '0'  or  'O'.   This  reduces  the  number  of  possible  passwords
              significantly, and as such reduces the quality of the passwords.  It may be  useful
              for  users  who  have  bad  vision,  but  in  general  use  of  this  option is not
              recommended.

       -c, --capitalize
              Include at least one capital letter in the password.  This is the  default  if  the
              standard output is a tty device.

       -C     Print  the  generated  passwords  in  columns.  This is the default if the standard
              output is a tty device.

       -N, --num-passwords=num
              Generate num passwords.  This defaults to a screenful if passwords are  printed  by
              columns, and one password.

       -n, --numerals
              Include  at  least one number in the password.  This is the default if the standard
              output is a tty device.

       -H, --sha1=/path/to/file[#seed]
              Will use the sha1's hash of given file and the optional seed to create password. It
              will  allow you to compute the same password later, if you remember the file, seed,
              and pwgen's options used.  ie: pwgen -H ~/your_favorite.mp3#your@email.com gives  a
              list  of possibles passwords for your pop3 account, and you can ask this list again
              and again.

              WARNING: The passwords generated using this option are not very random.  If you use
              this  option, make sure the attacker can not obtain a copy of the file.  Also, note
              that the name  of  the  file  may  be  easily  available  from  the  ~/.history  or
              ~/.bash_history file.

       -h, --help
              Print a help message.

       -s, --secure
              Generate  completely random, hard-to-memorize passwords.  These should only be used
              for machine passwords, since otherwise  it's  almost  guaranteed  that  users  will
              simply write the password on a piece of paper taped to the monitor...

       -v, --no-vowels
              Generate  random  passwords  that  do  not  contain vowels or numbers that might be
              mistaken  for  vowels.   It  provides  less  secure  passwords  to   allow   system
              administrators  to  not  have  to  worry with random passwords accidentally contain
              offensive substrings.

       -y, --symbols
              Include at least one special character in the password.

AUTHOR

       This version of pwgen was written by Theodore Ts'o <tytso@alum.mit.edu>.  It  is  modelled
       after  a  program  originally  written  by  Brandon S. Allbery, and then later extensively
       modified by Olaf Titz,  Jim Lynch, and others.  It was rewritten from scratch by  Theodore
       Ts'o  because  the original program was somewhat of a hack, and thus hard to maintain, and
       because the licensing status of the program was unclear.

SEE ALSO

       passwd(1)