is this app idea possible?

[3v3rgr33n]

Hi

I'm a University student. The varsity allocates about 3gigs of data per month for each student. My friends normally finish their data before the end of the month and hassle me for mine.

The thing is --- we each have passwords. The problem I have is that they want me to give them my password. You might think --- it's not a big deal since you can change it.

The problem however is that I cannot recycle my passwords as with the university password system -- you cannot change your password to a previous one for security reasons.

I've been meaning to build an app that can create a temp. password for my account.
Is this possible and how would one go about doing it?


Regards

[r-senior]

You should already have a password generator called apg that generates strong passwords:

Code:

$ apg

Please enter some random data (only first 16 are significant)
(eg. your old password):>
Felbyet2 (Felb-yet-TWO)
OthOmmuIpOs8 (Oth-Om-mu-Ip-Os-EIGHT)
ojDaffyab8 (oj-Daff-yab-EIGHT)
yedguAjnot8 (yed-gu-Aj-not-EIGHT)
ErfLckFam8 (Erf-Lck-Fam-EIGHT)
madBirb4 (mad-Birb-FOUR)

[3v3rgr33n]

I don't want to just generate passwords.

I want to generate TEMPORARY passwords for a specific account!

[SuperCamel]

I don't want to just generate passwords.

I want to generate TEMPORARY passwords for a specific account!

How will passwords be set? Will the password expire and change after a period of time? You say you can't recycle passwords so the password can't be reset to what it was originally, right?

[3v3rgr33n]

How will passwords be set? Will the password expire and change after a period of time? You say you can't recycle passwords so the password can't be reset to what it was originally, right?

1. Will the password expire and change after a period of time?

Yes!

2. You say you can't recycle passwords so the password can't be reset to what it was originally, right?

Yes It can't. Is it not possible to create an additional password --- then one would have the original password and a temp. one

3. How will passwords be set?

I don't know the specifics yet. That's what I'm tryng to figure out

4. Will the password expire and change after a period of time?

Yes.

[trent.josephsen]

That's a pretty reasonable set of requirements. Assuming you have a secure PC that can run this program on a schedule, or whenever you want it to run, it shouldn't be too difficult to work out the specifics.

I imagine your university has a Web page that you go to in a browser to change your password. Ideally, all you need to do is look at the source of that page and see where and how it sends the data, then create a program that does the same thing the browser does, but automatically. You'll almost certainly want to use HTTPS, which does make it a little more complicated, but not too much. You'll need some background in HTML and a basic understanding of HTTP(S), plus whatever language you decide to use.

Perl is my go-to language for... well, most things, really, so I'd probably look into doing it with the WWW::Mechanize module (which I've never used before, so I could be going down the wrong track entirely, but it's a place to start).

One thing you could do is use your "old" password as a base password, and add one or two characters to it to create a new, "unique" but still easily remembered password. Like if your current password is foobar2700, you could have your app generate passwords like foobar2700_aQ and foobar2700_3p. You could even have it text the new ending (aQ or 3p or whatever) to your phone whenever it changes, so you can always know the password without ever divulging the whole thing. (That last depends on your cell carrier.) That saves you the trouble of remembering a whole new password every time it gets "reset".

[KdotJ]

Maybe your friends should just be more careful with their data?

I agree with Cheesemill that this is probably against your University's rules and not worth the trouble.

[Habitual]

Easy answer, keep your password.