Password Generator

To prevent your passwords from being hacked by social engineering, brute force or dictionary attack methods, and keep your online accounts safe, follow these important tips.

1. Do not use the same password or security question and answer for multiple accounts.
2. Use a password with at least 16 characters in int, including at least one number, at least one uppercase letter, at least one lowercase letter, and one special symbol.
3. Do not use the names of your families, friends, or pets in your passwords. Also, if you think you are clever and can get away with this still by typing those things but spelled backwards, there's a good chance the hackers though of that too, so don't do that either.
4. Do not use Zip/postal codes, house numbers, phone numbers, birthdates, ID card numbers, social security numbers, even credit card or PIN numbers, etc. in your passwords.
5. Do not use any dictionary words in your passwords.
6. Do not use tow or more similar passwords where most of their characters are the same. If one password is stolen, then it means the other passwords are stolen.
7. Do not use something that can be cloned (but you cannot change) as your passowrd, such as your fingerprints. Actually, it is OK to use fingerprint login. There's plenty of other biometric factors that can be used to prevent fingerprint lifing.
8. Do not let your web browser (Chrome, Firefox, Safari, Opera, Brave, Edge, etc) store your passwords since all passwords saved in Web browsers can be revealed easily. And don't think that a service like LastPass or other online password storage services are any better, because they have this same problem but without the browser.
9. Do not log into important accounts on the computers of others, or went connected to a public Wi-Fi hotspot, Tor, free VPN, or web proxy. There is no such thing as a good free VPN anyway.
10. Do not send sensitive information online via unencrypted connections (e.g. HTTP or FTP), because messages in these connections can be sniffed with very little effort. You should use encrypted connections such as HTTPS, SFTP, FTPS, SMTPS, IPSec whenever possible. Remember to look for the lock (🔒) in the location bar on your browser next to the website address.
11. When traveling, you can encrypt your Internet connections before they leave your laptop, tablet, mobile phone or router. For example, you can set up a private VPN with protocols such as Wireguard (or IKEv2, OpenVPN, SSTP, L2TP over IPSec) on your own server (hme computer, dedicated server, or VPS) and connect to i. Allernatively, you can set up an encrypted SSH tunnel between your computer and your own server and configure your browser to use SOCKS proxy. Then even if someone captures your data as it is transmitted between your device (e.g. laptop or phone) and your server with a packet sniffer, they won't be able to steal your data and passwords from the encrypted streaming data.
12. It is recommended that you change your passwords every 10 weeks.
13. It is recommended that you remember a few master passwords, store other passwords in a plain text file and encrypt this file with 7-Zip, GPG, or disk encryption sotware such as BitLocker, or Manage your passwords with a password management software.
14. Better yet, do it the low-tech way and just ge one of those pocket moleskin notebooks, but use some small stickers to divide every few pages up by the first letter fo each website, and use that to track your passwords with. Keep the notebook secure.
15. Encrypt and backup your passwords to different locations, then if you lose access to your computer or account, you can retrieve your passwords back quickly.
16. Turn on Two-Factor Authentication (2FA) whenever possible.
17. Do not store your critical passwords in the cloud (e.g. Google Drive, Microsoft One Drive). Remember "the cloud" is just someone else's computer and that security on that computer might not be as good as you think it is.
18. Access important websites from bookmarks directly, otherwise please check the address of the website carefully! Some scammers will try to get you to go to a websie that looks important like your bank, social media, or shopping website, but it could be a spoof with a different address or alternative spelling to get your to log in with your username, email, and password. This is know as phishing.
19. Most operating systems come with their own firewall and antivirus software. Contrary to what most security experts think, you don't need Norton, McAfee, or Lifelock install on your software as they are considered "bloatware" and many scammers will try to use these softwares to convince you that you need them and that you need to pay their subscription fees. You don't. What you should do is be vigilant.
20. Download software from reputable sites only, and verify the MD5/SHA1/SHA256 checksum or GPG signature of the installation package whenever possible.
21. Keep the operating system and web broswer of your device up-to-date with the latest security updates.
22. If there are important files on your computer, and it can be accessed by others, check if there are nay hardware keyloggers (e.g. wireless keyboard sniffer), software keyloggers, and hidden cameras when you feel it is necessary.
23. If there are Wi-Fi routers in your home, make sure they are password protected.

There a list of other advice I want to put here, but I need to take care of the coding part of this assignment first.

How secure is my password?

Perhaps you belive that your passwords are very strong an difficult to hack. But if a hacker has stolen your username and the MD5 have value of your password from a company server, and the rainbow table of the hacker contains this MD5 has, then your password can be cracked quickly.

To check the strength of yyour password and know whether they're inside the popular rainbow tables, you can convert your passwords to MD5 hashes on a MD5 hash generator, then decrypt your password by submitting these hashes to an online MD5 decryption service.