PassGen – Secure Password Generator
User Manual
Version: 0.1.2
July 15, 2025
Contents
Introduction
PassGen is a program that generates cryptographically secure passwords. The passwords can vary in length from eight characters to thirty-six characters. The passwords can be generated from a character table consisting of the 94 printable and visible characters of the ASCII character set.
The program user can choose the 52 upper and lowercase letters, 10 digits, and 32 printable symbol in any combination as needed. In addition, the user can create a custom symbol set as may be required. Press the "Generate" button and you have a password and an indication of the password's relative strength.
Quick Start
Step 1. Set Character Table.The PassGen program starts with uppercase and lowercase letters, numbers, and all of the visible ASCII characters (except the space character) selected. These are the characters the program will use to construct the password.
If your password must use a different set of symbols, select the 'Custom Symbols' radio button and enter the permissible symbols into the 'Custom Symbols' entry box.
If your password must be letters and numbers only, select the 'No Symbols' radio button.
Step 2. Select Password.Length Press the + or - button until your desired password length is displayed.
Step 3. Generate The Password. Click the 'Generate' button to generate the password. The password will be displayed with an estimated strength indicator.
Step 4. Use The Password.You can select and copy the password to where you need it.
Step 5. Store The Password.The best place to store your password is in a password vault program. You can paste it into a local document or write it down on a slip of paper. In any case, you should keep it safe and available to find as these randomly generated passwords are very difficult for most people to remember.
Passwords
Purpose.A password is used, generally, as an access token to some information that only you should be able to access to the exclusion of others. You, and anyone in possession of your password, will be able to access your private information.
SecurityThe security of your stored information depends on the security of your password. People who make up their own password will frequently use dates, names, places or events from their personal experience. They may make substitutes such as '@' for 'A' or '\$' for 'S' in order to obfuscate the password. Attackers have electronic dictionaries with many thousands of words to help them guess your password. They can also research social media and other easily available public information to learn many personal facts about you, your friends and your family. In short, if you include these things in your password, you are making things easy for an attacker.
PassGen generates a string of randomly selected characters for your password. Using random characters rather than familiar or personal words eliminates the shortcuts for guessing your password leaving a 'brute force' attack as the way to guess your password. This means an attacker must try every combination of possible characters to try and guess the password. Even with computers capable of doing millions of guesses per second, a strong password will make it take many years to guess the correct combination.
The downside of having a random string of characters for a password is that a strong random password is very difficult to remember. You must store it in a secure, but easily available, manner. By far, the best way is to commit it to a good password manager program. If you must, write it down and keep it in a secure, easily available place.
class="paraTitle">Password Strength.The strength of a password, assuming that the characters chosen for the password are chosen mathematically randomly and unbiased, depends only on the number of characters available to be chosen and the number of characters in the password.
The theoretical strength of a password is estimated by it's bit entropy. The bit entropy of a password is directly related to the time it would take to guess it by guessing all possible combinations of all possible characters.
The bit entropy is a measure of how secure a given password is. A password's bit entropy is calculated by the following equation:
H = log2(NL) = L log2(N)
where:
H = bit entropy
L = number of characters in password
N = number of characters to choose from
This formula assumes each individual character in the password is selected randomly and unbiased. There are only two ways to increase a password's bit entropy --- increase L or increase N. When generating a password for a particular use, you should use the maximum characters you can for choosing from and use the longest password you are allowed. This will guarantee you are using the strongest password possible.
Relative Strength.PassGen calculates the estimated bit entropy using the formula listed above. It assigns a general strength category based on the calculated bit entropy. Bit entropy of less than 80 bits are placed by PassGen in the "WEAK" category. Bit entropy from 80 bits to 99 bits are labeled "MODERATE", 100 bits to 127 bits are labeled "STRONG", and, 128 bits and greater are labeled "VERY STRONG".
PassGen inserts the value of the calculated bit entropy in parentheses at the end of the strength indicator for the password. It can be an interesting and informative exercise to try different character sets and password lengths and see how bit entropy is affected.
Program Operation
Build Character Table
To Be Written.
Select Password Length
To Be Written.
Generate Password
To Be Written.
Note Password Strength
To Be Written.
Using Your Password
To Be Written.
Storing Your Password
To Be Written.
Example Scenarios.
To Be Written.