PWGEN.TXT -- DOCUMENTATION FOR PWGEN.EXE

This is a simple little program that does just one thing:  generates
passwords that are about has hard to guess as they come.  They are not
necessarily easy to remember, unless you use a short one.  Although the
program generates a very long string of nonsense characters, you only need to
take as many as you want to use.  The password generation takes all the
"randomness" (entropy for you students of information theory) it can gather
from every key stroke, including what you pressed, the time you pressed it,
etc., and uses a very strong encryption algorithm (Diamond) to stir it into a
pool of random numbers in such a way that it is unlikely that you could
produce the same password twice in a row, even if you tried.  More
important than that, it is nearly impossible for anyone else to generate the
same password as you did, provided that you make the password long enough
that they can't try all the possible passwords.


INSTALLATION

Just copy PWGEN.EXE to your hard disk (or a floppy if you prefer).  You may
want to put the directory where PWGEN.EXE resides in your PATH if you haven't
already.  PWGEN.EXE maintains a data file, PWGEN.DAT, in the same directory
where PWGEN.EXE resides.  This file holds the pool of random numbers that is
used along with your keystrokes to generate a password.  The pool is
processed after the password is generated in such a way that you can't figure
out the password from the random numbers kept there.


GENERATING A PASSWORD (OR PASS PHRASE)

To generate a password, just type PWGEN at the DOS prompt and type in random
keystrokes when you are prompted to.  If you want to type more or less
keystrokes than the default setting, you can enter a number on the command
line to specify the minimum number of bits you want to collect, but this is
normally not necessary.

PWGEN will display the following information:

Keyboard based random password generator program version 1.00
Copyright (C) 1994 Michael Paul Johnson.  All rights reserved.  No warranty.
This is shareware.  To register, please send the name of this program and
US$20.00 to:
                     Mike Johnson
                     PO BOX 1151
                     LONGMONT CO 80502-1151
                     USA

Check the Colorado Catacombs BBS (303-772-1062) for updates.
Optional command line parameter: number of bits to collect.
Initializing...

The initialization time is mostly in setting up the Diamond Encryption
Algorithm internal key.  It may take a minute or so, depending on the speed
of your computer.  PWGEN then prompts:

Please press keys randomly, both in timing and order.
The less likely someone is able to repeat what you do, the better.
Avoid auto-repeating the same key or pressing the keys too fast.

After you press some keys for a while, PWGEN reports some results, like:

 Use as many of the following characters as you need. Ignore the rest.
 For casual security, use at least 6 characters.  For *nix passwords,
 use 8 characters.  For serious encryption, use at least 12 characters.
 If any of the following characters are not acceptable as a password or
 pass phrase character in your system, simply skip it and use the next
 one.

 Your new password is the first part of:
f=iCyYiMSZJ-SgC/H-!0/oS=udX6}}f~%YZIPK"D>(dI3nBsN;w<bs6s6x'6<rD>F@dv<_*A^?<?6hN


LEGAL NOTICES

PWGEN.EXE and this document are Copyright (C) 1994 Michael Paul Johnson.  All
rights reserved.  This program comes with no warranty, expressed or implied. 
It is your responsibility to determine if it is suitable for your purposes. 
By using or distributing this software you agree never to take legal action
against me for any cause.  If you don't agree to this restriction, then you
are required to erase all of your copies of this program.  This is
shareware.  Permission is granted to distribute unmodified copies of this
program and its documentation, provided that you keep the documentation with
the program and don't charge for it (beyond nominal connect or copying
charges).  If you use this program for more than 60 days, you are required to
register it by sending US$20.00 and the name of this program to the author
at:

    Mike Johnson
    PO BOX 1151
    LONGMONT CO 80502-1151
    USA


CONTACTING THE AUTHOR

You can contact me at the above address or, for electronic mail,
m.p.johnson@ieee.org, CIS 71331,2332, or at the Colorado Catacombs BBS
(303-772-1062).

