Remembering all the passwords you need in the modern world is, simply put, impossible. Some people resort to sticking with one password and using it everywhere. Others use memorable passwords like their family’s birthdays, or names of their pets. Both strategies are terrible, security-wise. Memorable passwords are also guessable, and if a breach exposes one of your all-the-same passwords, you’ve compromised all your accounts. That’s why your only safe course is to use a password manager, and change all your passwords to something random and unguessable.
Almost every password manager includes a password generator component, so you don’t have to come up with those random passwords yourself. (But if you want a do-it-yourself solution, we’ll show you how to build your own random password generator.) However, not all password generators are created equal. When you know how they work, you can choose the one that’s best for you, and use the one you have intelligently.
Password Generators—Random or Not?
When you throw a pair of dice, you get a truly random result. Nobody can predict whether you’ll get snake eyes, boxcars, or a lucky seven. But in the computer realm, physical randomizers like dice aren’t available. Yes, there are a few random number sources based on radioactive decay, but you won’t find these in the average consumer-side password manager.
Password managers and other computer programs use what’s called a pseudo-random algorithm. This algorithm starts with a number called a seed. The algorithm processes the seed and gets a new number with no traceable connection to the old, and the new number…
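The seed behaviour described above, as an added example that is not code from the original article: a generator built on a seeded pseudo-random algorithm (Python's random.Random) returns the same password whenever it is given the same seed, while one that draws from the operating system's cryptographic generator (the secrets module) has no caller-supplied seed to repeat. The function names and the 94-character alphabet are assumptions made for this illustration.

```python
import math
import random
import secrets
import string

# Assumed alphabet for this illustration: 94 printable ASCII symbols.
ALPHABET = string.ascii_letters + string.digits + string.punctuation


def seeded_password(seed: int, length: int = 16) -> str:
    """Weak on purpose: every character is fully determined by the seed."""
    rng = random.Random(seed)  # Mersenne Twister, a general-purpose PRNG
    return "".join(rng.choice(ALPHABET) for _ in range(length))


def secure_password(length: int = 16) -> str:
    """Draw each character from the operating system's CSPRNG."""
    if length < 1:
        raise ValueError("length must be at least 1")
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def effective_bits(seed_bits: float, length: int) -> float:
    """Strength is capped by whichever is smaller: seed space or output space."""
    return min(seed_bits, length * math.log2(len(ALPHABET)))


if __name__ == "__main__":
    # Same seed, same "random" password, on every run.
    print(seeded_password(1234), seeded_password(1234))
    # No seed to reuse: two calls give unrelated results.
    print(secure_password(), secure_password())
    # A 16-character password from a 32-bit seed is worth 32 bits, not ~105.
    print(effective_bits(32, 16), round(effective_bits(256, 16), 1))
```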