It is important to make sure each and every password used for any type of account is strong. Before we get into how to generate these passwords, let's go over some of the characteristics of strong passwords.
Password security is one of the key parts of the security of any application, whether it's a website, email address, or any other type of account on the server. It is very important that each and every password you use anywhere have all three of these features:
The easiest way to fulfill all of these is to generate a new password randomly each time you create or reset a password of any kind.
Adding "special characters" can help make a password "effectively longer" without adding more characters. For this reason some applications will require you to use at least one of this type of character. However, applications differ on which special characters they allow. Additionally, if a password is long enough, then an alphanumeric password can still be as secure as a shorter password that has special characters. For this reason, it is probably easiest to generate a longer password with alphanumeric characters, and then add one or more special characters afterwards if required.
When choosing a password, it is also important to consider how the password will be stored. You need to make sure you will have access to the password, but no one else will. "Ideally" you would memorize the password and never store it anywhere outside of your head. However, due to the fallibility of human memory, this is not reliable for more than a small number of passwords, or for passwords that are not short. And a short, reused, or non-random password is going to be very easy for potential attackers to guess, which renders the password useless. So it is almost inevitable that the password will have to be stored somewhere.
It is not a good idea to store the password in a plain-text or weakly-obfuscated format on your computer, since it is very common for computer infections to find passwords in this way and send them to attackers, who use them to log into your various accounts. For example, the web browser's password storage is one of the first places these infections will look, so it is especially not recommended to let the web browser itself store the passwords. Nor should you use a plaintext file on your desktop or in your documents folder, for the same reason. If you do need to store the passwords on your computer, it is recommended to use a program like KeePassX or a service like LastPass.
If you do not have a password manager like these, or if the password is for something like your workstation where you have to log in before being able to even access the password manager, the next best option would be to write the passwords down. It is very important not to lose this paper. It is also strongly recommended to obfuscate the passwords, as well as which account each password is for. Make sure that when looking at the page, you will know what the passwords are and what they go to, but that someone else looking at the page will know neither.
If you do have a password manager like KeePassX or LastPass, you can use the built-in password generator there, but it is also useful to know a few ways of generating strong passwords without these, in case you need to make up a password when you don't have them available. Here are some useful commands for generating long randomized passwords. If your computer uses Linux, Mac, or another Unix-like operating system, or if you are a Windows user using Cygwin, you should be able to use these commands on your computer's command line. If this is not possible, or if you prefer to generate the passwords from within your server, you can log in via SSH and run the commands there.
Each command below is followed by an example of what its output might look like. Do NOT use these specific passwords! Run the desired command yourself to generate your own.
Here are some commands to get you started. To some extent, pieces of these can be mixed and matched to get different types of results. For advanced users, you can learn more about each of these commands by typing
man echo, and/or
man seq. More about for loops can be found here.
$ head -c 50 /dev/urandom | base64 | tr -d '/+=' | cut -c1-50
VIUmBnM5O6e9ULzrQIUbeBNxtifV3FnvxXguRNWUEkg7RLyj2O
$ head -c 23 /dev/urandom | base64 | tr -d '/+=' | cut -c1-23
hoof1VnzfCkvyjRQPlRcRzr
$ cat /dev/urandom | tr -dc '[:alnum:]@#$%^' | head -c 16; echo ""
$ for each in $(seq 5); do cat /dev/urandom | tr -dc '[:alnum:]$%^&*' | head -c 16; echo ""; done
hVEa$sryiMfaJYEN
LqB7zjdPysdx43%p
Rf%9BkCuPUs1pLCH
efUodde*Msvgh0LR
xiQYFHE5HyOZPtzi
$ for each in $(seq 5); do head -c 23 /dev/urandom | base64 | tr -d '/+=' | cut -c1-23; done
D6vx2gjJrKLdmA3QpON8IvP
Cs41lyWMLsFQrmyTR0qLmnD
MVjASrpGdcQhH216JoCFxLf
ICaS1MwyWBFetQEKafJmrt2
jiKtKJqDEmZAiBtm667p83q
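The earlier point that a longer alphanumeric password can be as secure as a shorter one with special characters, and the suggestion to add special characters afterwards only if required, can be checked with a short script. This is an added example, not part of the original page: the function names are hypothetical, and the special-character set $%^&* is the one used in the loop command above.

```shell
#!/bin/sh
# Added example; function names are hypothetical, not from the original page.

# rand_below N: uniform integer in [0, N), N <= 65536, from /dev/urandom.
# Values at or above the largest multiple of N are rejected, so the result
# has no modulo bias.
rand_below() {
    n=$1
    limit=$(( 65536 - 65536 % n ))
    while :; do
        r=$(od -An -N2 -tu2 /dev/urandom | tr -d ' \n')
        [ "$r" -lt "$limit" ] && break
    done
    echo $(( r % n ))
}

# alnum_password LEN: LEN random characters from A-Za-z0-9 (62 symbols).
alnum_password() {
    LC_ALL=C tr -dc 'A-Za-z0-9' < /dev/urandom | head -c "$1"
    echo
}

# add_special PASSWORD SPECIALS: insert one randomly chosen character from
# SPECIALS at a random position in PASSWORD.
add_special() {
    pw=$1
    specials=$2
    pos=$(rand_below $(( ${#pw} + 1 )))
    idx=$(rand_below "${#specials}")
    ch=$(printf '%s' "$specials" | cut -c"$(( idx + 1 ))")
    printf '%s%s%s\n' "$(printf '%s' "$pw" | head -c "$pos")" "$ch" \
        "$(printf '%s' "$pw" | tail -c +"$(( pos + 1 ))")"
}

# entropy_bits LEN SYMBOLS: bits of entropy of LEN uniformly random
# characters drawn from an alphabet of SYMBOLS characters.
entropy_bits() {
    awk -v l="$1" -v n="$2" 'BEGIN { printf "%.1f\n", l * log(n) / log(2) }'
}

# Demo: 16 characters from alphanumerics plus $%^&* (67 symbols) versus
# 17 alphanumeric characters (62 symbols).
echo "16 chars, 67 symbols: $(entropy_bits 16 67) bits"
echo "17 chars, 62 symbols: $(entropy_bits 17 62) bits"
base=$(alnum_password 20)
echo "alphanumeric:     $base"
echo "with one special: $(add_special "$base" '$%^&*')"
```

One extra alphanumeric character adds more entropy than widening the alphabet by five special characters, so the special character is only worth adding when the application demands it.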