On Sun, Feb 07, 2010 at 03:43:59PM -0500, Brad Tilley wrote: > That's OK, my skin is thick. Thanks for the feedback. I had some older fltk > code there initially that behaves in a similar fashion (only it has a GUI). > It seems some of you may have seen that for some reason. Caching I guess. > > Brad
Ok, back to the real topic. The essence is that for key (or password generation) you'll want a cryptographically strong generator. See http://en.wikipedia.org/wiki/Cryptographically_secure_pseudorandom_number_generator Why? Because otherwise attackers might e.g. compute your password based on the seed you could have used. Especially time-based seeds are bad in this respect. But even if you have a good seed, attackers can compute earlier or later password based on one or more passwords they know you have generated. -Otto
