.\" Do *not* edit this file; it was automatically generated by ej2man
.\" Look for a name.ej file with the same name as this filename
.\"
.\" Process this file with the following
.\" nroff -man -Tutf8 maradns.8 | tr '\020' ' '
.\"
.\" Last updated Mon Aug 14 15:02:17 2006
.\"
.TH MQHASH 1 "August 2006" MQHASH "MaraDNS reference"
.\" We don't want hyphenation (it's too ugly)
.\" We also disable justification when using nroff
.\" Due to the way the -mandoc macro works, this needs to be placed
.\" after the .TH heading
.hy 0
.if n .na
.\"
.\" We need the following stuff so that we can have single quotes
.\" In both groff and other UNIX *roff processors
.if \n(.g .mso www.tmac
.ds aq \(aq
.if !\n(.g .if '\(aq'' .ds aq \'

.SH "NAME"
.PP
mqhash - Simple secure password generator
.SH "SYNOPSIS"
.PP
.B "mqhash [-n #] [-s] [-u] {data to hash}"
.SH "DESCRIPTION"
.PP
.B "mqhash"
is a simple secure password generator.
.PP
The program uses MaraDNS\(aq secure random number generator as the
compression function for a secure hash; the output of this secure
hash can be used as passwords for various locations on the internet.
.PP
This program solves the problem of either using the same password on
multiple web sites, or having so many passwords that it is not
practical
to remember them all.
.SH "USAGE"
.PP
The first step in using
.B "mqhash"
as a secure password generator is
to set up a master secret from which all other passwords are generated.
It is important to keep this master secret secure; such as on a Linux
or BSD machine that is always behind a firewall and is current with
security updates.
.PP
This secure secret is put in the file ~/.mhash_prefix. It is
important that this secret is hard to guess; the security of all
generated
passwords is only as secure as the master secret.
.PP
Once the ~/.mhash_prefix file is set up, mqhash is run thusly:

.nf
mqhash -s {location}
.fi

Where {location} is a web site, email address, or any other text string
that describes where a given password is located. It is recommended
that
one uses a consistent style for {location} so that one can remember
passwords for web sites that one has not visited for a while.
Mqhash does not impose a style for remembering passwords; it is up
to the user to create one.
.PP
.B "mqhash"
will output four potential passwords that have 32
bits of entropy. If more entropy is desired in a password, two
32-bit passwords can be joined together to generate a 64-bit
password. A 32-bit password will protect against casual attacks
but can be broken by a determined attacker with extensive resources
attacking a website that does not lock out a user after too many failed
attempts. A 64-bit password is immune to even a very determined
attacker.
.PP
.in -3
\fBOPTIONS\fR
.PP
.TP 4
-n
It is wise to periodically change ones password on sites that one
uses frequently. This allows one to continue to have passwords after
the four initial passwords have already been used; this can have a
value
between 2 and 9.
.TP 4
-s
The normal mode for mqhash: To create a secure password based on
both the contents of ~/.mhash_prefix and the final argument
to mqhash.
.TP 4
-u
This will generate a cryptographic hash out of the final argument
sent to mqhash. This is useful when one does not need a secure
password, but just wants to hash a short string.
.PP
.SH "LEGAL DISCLAIMER"
.PP
THIS SOFTWARE IS PROVIDED BY THE AUTHORS \(aq\(aqAS IS\(aq\(aq AND ANY
EXPRESS
OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.SH "AUTHORS"
.PP
Sam Trenholme (http://www.samiam.org) is
responsible for this man page.