How many times a week do you end up having to come up with a unique (hopefully) password for some new site or service? If you're anything like me then the answer is more times than you'd care to admit. In fact, I do it so often that I got sick of having to use the standard password generator inside of 1Password. Don't get me wrong, the 1Password folks did a great job with their generator, but it's a pain to have to launch the app, type in my master password, find the password generator section, choose my preferences, and then generate a new password. I figured there had to be a simpler way of doing this that would generate passwords just as secure as those found in 1Password.
After a few days thinking about it I decided I was going to roll my own password generator. The end result ended up being far more convenient than I had ever imagined it being. I've been using my system to generate secure, random passwords since 2019 and I haven't found any bugs yet. I sure hope it stays that way too. Anyway, created my system using an application launcher program for macOS called Alfred and a custom workflow. The creator(s) of Alfred describe it as an application which can help boost your efficiency via the use of hotkeys, keywords, text expansion, and more. Using Alfred you can search your Mac and the web, launch applications, and control pretty much everything using custom actions called workflows.
I knew right from the start that I wanted this to be as easy as typing in a single word. I also wanted my workflow to copy the newly generated password to the clipboard for use in other applications, to save it in a temporary text file for retrieval at a later time, and to display a message on the desktop saying that the password had been created successfully. All that being said, my workflow works by looking for the
pass keyword. When the keyword is typed in Alfred it activates the workflow which then runs an extremely simple Bash script that contains the following shell statement:
$ openssl rand -base64 32 | tr -d "=+/" | cut -c1-24
Let's break this statement down starting with
openssl. The first part of this string of commands generates 32 random bytes (256 bits) in encoded base64 format. The result is then piped into the
tr command where the
=+/ characters are stripped out. The result of that command is piped one final time into the
cut command where the final password is trimmed down to a maximum of 24 characters. The end result is a secure, randomly generated, 24 character, alphanumeric password with certain problematic characters and/or symbols stripped out. Finally, the workflow copies the password to the macOS clipboard, writes it to a text file in
~/Downloads, and then displays a macOS notification on the desktop. From there I can paste the password into any app that I want. I find this particularly useful when combined with Apple's awesome Hand Off feature for iOS.
If you're interested in trying out my workflow you can download it from GitHub. Once download, just double-click on the workflow to install it. Finally, you can modify it by calling up Alfred, choosing
Show Alfred Preferences from the list, and clicking on the Password Generator workflow. Maybe you want a password longer than 24 characters? if so, just open the Bash statement in the workflow and modify the
cut command from 24 to whatever you'd like.
This is an extremely simple way of generating passwords and I'm sure there are plenty of neat ways to expand it or make it better. Please let me know if you it useful, and definitely ping me if you add additional functionality to the workflow. I can't wait to see what everyone comes up with! :-)
— Patrick (a.k.a Hist0rian)