How to Create Secure Passwords from the Terminal

Studies on passwords show that people are still using the same passwords even through several years.The worst passwords are the same. This is a danger in our security, sooner or later we could be hacked. Take a look of the summary of the worst passwords from Wikipedia.

In general it’s recommended to use a different password for each site or service, avoiding repeated passwords.

  • Combination of capital letters, numbers and special characters.
  • Use short sentences to remember them easily.
  • Avoid using the same password for different sites, services or computers.

Command Line Tools

In Linux we have several tools to create secure passwords , such as APG. APG, Automatic Password Generator, allows to create passwords in a simple way in real time.

To generate a password of 10 characters easily type the following command:

apg -a 0 
image - How to Create Secure Passwords from the Terminal

Default maximum password length is 10. By default we will get 6 proposals.

To generate a password with a length of 8 characters, the instruction would be:

apg -a 0 -x 8 
image 1 - How to Create Secure Passwords from the Terminal

These are the parameters I used in the previous examples:

-ause algorithm for password generation.
0(default) pronounceable password generation
1random character password generation
-xgenerate password with maximum length max_pass_len. 

There are other tools like pwgen and makepasswd, which unlike apg need to be installed. We need to install that packages.


sudo apt install makepasswd

makepasswd generates true random passwords using /dev/urandom, with the emphasis on security over pronounceability. It can also encrypt plaintext passwords given on the command line.

image 2 - How to Create Secure Passwords from the Terminal

The command will return a 9 characters password by default.


sudo apt install pwgen

The pwgen program generates passwords which are designed to be easily memorized by humans, while being as secure as possible. Human-memorable passwords are never going to be as secure as completely random passwords. In particular, passwords generated by pwgen without the -s option should not be used in places where the password could be attacked via an off-line brute-force attack.

On the other hand, completely randomly generated passwords have a tendency to be written down, and are subject to being compromised in that fashion.

To get one 8 character password type the following command:

pwgen -n1
image 3 - How to Create Secure Passwords from the Terminal

To get strong passwords use the -s parameter

pwgen -n1 -s
image 4 - How to Create Secure Passwords from the Terminal

To get a long passwords , ie. 10 characters use the following command

pwgen  10 -n1
image 5 - How to Create Secure Passwords from the Terminal

If you avoid the -n1 command you’ll get a bunch of passwords.

Stefan Pejcic
Join the discussion

I enjoy constructive responses and professional comments to my posts, and invite anyone to comment or link to my site.

1 comment