And PLEASE drop us a line to let us know that you have such a device and what it is!Shorter pieces are random too: A beneficial property of these maximum entropy pseudo-random passwords is their lack of "inter-symbol memory." This means that in a string of symbols, any of the possible password symbols is equally likely to occur next.
So you should always try to use passwords like these.
When these passwords are used to generate pre-shared keys for protecting WPA Wi Fi and VPN networks, the only known attack is the use of "brute force" trying every possible password combination.
The following diagram and discussion provides full disclosure of the pseudo-random number generating algorithm I employed to create the passwords on this page: While the diagram above might at first seem a bit confusing, it is a common and well understood configuration of standard cryptographic elements.
A succinct written description of the algorithm would read: "Rijndael (AES) block encryption of never-repeating counter values in CBC mode." CBC stands for "Cipher Block Chaining" and, as I describe in detail in the second half of Security Now!
Since we have heard unconfirmed anecdotal reports of such non-compliant WPA devices (and since you might have one), this page also offers "junior" WPA password strings using only the "easy" ASCII characters which even any non-fully-specification-compliant device would have to be able to properly handle.
If you find that using the full random ASCII character set within your WPA-PSK protected Wi Fi network causes one of your devices to be unable to connect to your WPA protected access point, you can downgrade your WPA network to "easy ASCII" by using one of these easy keys.One last detail: Since there is no "output from the previous encryption" to be used during the encryption of the first block, the switch shown in the diagram above is used to supply a 128-bit "Initialization Vector" (which is just 128-bits of secret random data) for the XOR-mixing of the first counter value.Thus, the first encryption is performed on a mixture of the 128-bit counter and the "Initialization Vector" value, and subsequent encryptions are performed on the mixture of the incrementing counter and the previous encrypted result.This is important if your application requires you to use shorter password strings.Any "sub-string" of symbols will be just as random and high quality as any other. The use of these maximum-entropy passwords minimizes (essentially zeroes) the likelihood of successful "dictionary attacks" since these passwords won't appear in any dictionary.(The ASCII character set was updated to remove SPACE characters since a number of WPA devices were not handling spaces as they should.) The 63 alphanumeric-only character subset: If some device was not following the Wi Fi Alliance WPA specification by not hashing the entire printable ASCII character set correctly, it would end up with a different 256-bit hash result than devices that correctly obeyed the specification.