It struck me as strange that /dev/uramdom is being used instead of /dev/random. The latter blocks until the entropy pool is replenished. The reason /dev/urandom is needed is that the above script throws away a lot of information. It is still an interesing little script (using tools installed by default in many distros), but a dedicated tool like pwgen (that another user suggested) is probably better.

I am posting this reply because another user was suggesting using /dev/urandom as a source of entropy based on the above script, possibly not understanding the implications. If you want guaranteed entropy, you use /dev/random. If all you need is "very good psuedorandom," then you would use /dev/urandom.

In the above script, the following happens:

• High quality psuedorandom bytes are generated.
• 75% of those are filtered out because they are not one of the 62 allowed characters.
• The lines are wrapped to the desired width.
• The first 4 lines (passwords) are displayed. I think the whole chain quits when 'head' exits (+- buffering).

Edit: I totally used the 12 digit, special character version for my updated forum password. The use of 'grep' at the end may actually weaken the passwords by omiting any that do not use special characters.