passwords

cat /dev/random | tr -dc '123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz' | head -c 12 | sed -r 's/(.{4})/\1-/g' | sed -r 's/(.*)-$/\1\n/g'

cat /dev/random | tr -dc '123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz' | head -c 20 | sed -r 's/(.{4})/\1-/g' | sed -r 's/(.*)-$/\1\n/g'

Entropy

A password length of 12 characters from an alphabet with 62 possibilities (a-zA-Z0-9) give you an entropy of 71 bits:

$ qalc 'log(62^12; 2)'
log(62^12; 2) = 12 + (12 × ln(31)) / ln(2) ≈ 71,45035572

16 characters will give you 95 bits:

$ qalc 'log(62^16; 2)'
log(62^16; 2) = 16 + (16 × ln(31)) / ln(2) ≈ 95,26714097

To reach 128-bit, you’d need 22 characters:

$ qalc 'log(62^22; 2)'
log(62^22; 2) = 22 + (22 × ln(31)) / ln(2) ≈ 130,9923188

Update: I have changed the alphabet from [a-zA-Z0-9] to Base58 (123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz) to avoid similar looking letters when written down.

This reduces the entropy a bit and is now:

• 70 bits for 12 characters
• 93 bits for 16 characters
• 117 bits for 20 characters