You can use this form to create a password. The password will then be hashed (turned into a SHA512 crypt) so that it can be securely mailed. E-mail the generated SHA512 hash to your IT manager. Your IT manager will use the hash with your account, so that you can log in with your created password. Your password must be:
- At least 8 characters
- At least one lowercase letter
- At least one uppercase letter
- At least one special character such as ! " # $ % & ' ( ) * + , - . / : ; < = > ? @ [ \ ] ^ _ ` { | } ~
- At least one digit (0-9)
Enter your valid password to hash:
| Password: | You will eventually use this password to log into your account | |
| (again:) |
The following calculate hash button only enables when your passwords meet the complexity requirements above.
| $6$--------$----------------------------------- | Copy and paste the generated hash, send to help at stat dot ubc dot ca |
Notes:
- Everything on this page is being done entirely on the client end using JavaScript. Your plaintext password is not being sent anywhere.
- Generating a random salt uses the pseudo-random number generator in your browser so chances are it's not using cryptographically secure randomness. If this bothers you, enter your own salt.
- SHA512 cryptograhpy is a strong way to encrypt stuffs. Instead of giving your actual password to IT staffs, you can give the giberish string that the staffs can't tell what the password is. The hash can't be used to for authentication but IT admininstrators can record the hash into their authentication framework (LDAP, Shadow/password) so users can login without divulge the real password to anyone.
- These are more secure methods as your password never leaves your computer, but you'll need to have the prerequisite Unix utilities installed:
- Use latest OpenSSL:
openssl passwd -6 - Use Python:
python -c 'import base64, crypt, os; print(crypt.crypt("XX", "$6$" + base64.b64encode(os.urandom(12)).decode("utf-8")))'
(Replace XX with your password in these examples.)
- Use latest OpenSSL: