Sign in to follow this  
Followers 0
Manel Rodero

Passwords Cheatsheet

9 posts in this topic

#1 ·  Posted (edited)


I'm trying to glue together some ideas to create a passwords cheatsheet for my job (where I have more than 100 different servers with a different password each).

Until now I create this cheatsheet like this:

  • I have a word template with the cheatsheet (basically a table with the correct size for printing)
  • I use an external password generator to generate 100 different passwords with my required complexity
  • I copy&paste every password in the correct row,column in the word template -manually- :-(
  • I print the sheet and cut it using scissors to fit it in my pocket
Now, I would like to use the power of AutoIt to do this work.

For the password generation, after some tries and errors, I will use the _GeneratePassword of SmOke_N (Thanks!).

I have the following idea: I will have an INI file with the machine names and starting positions in the table (because I would like UNIX machines starting at position 1, Windows at position 55, etc.)

Something like this?






Then, I need to write an script to read the INI file, calculate the cell position for every machine, generate a password (probably updating the ini with it so you can reuse the ini instead of generating new ones) and then update the word template with the password in the correct place.

The word template is a Word document with a table of 200 cells; every cell has the following content $Px (where x is the number of the cell). So the cell 150 has $P150 as its content. In this manner it is easy to replace this content with the password of the machine in the 150th position.

I need to say that I will generate two cheatsheet. One with the passwords. And another with the machine names. The first one goes to my pocket. The second one in my desk ;-) When I need to login to a machine I only need to know its position and type the password. Is something like the code password cards for online banks.

For replacing text in the word file (I'm using this format because in this manner I can have the correct table size for printing and folding the cheatsheet) I would like to do something like the replace function that VBS has:


Const wdReplaceAll  = 2

Set objWord = CreateObject("Word.Application")
objWord.Visible = True

'MsgBox objWord.Options.DefaultFilePath(wdStartupPath)

Set objDoc = objWord.Documents.Open("e:\tmp\scr\plantilla.doc")
Set objSelection = objWord.Selection

objSelection.Find.Text = "$P150"
objSelection.Find.Forward = TRUE
objSelection.Find.MatchWholeWord = TRUE

objSelection.Find.Replacement.Text = "Fabrikam"
'objSelection.Find.Replacement.Font.Bold = True
objSelection.Find.Execute ,,,,,,,,,,wdReplaceAll

After thinking a lot about how to do this, I don't have have any tips about how to implement the INI format and its reading and position calculation. And I don't know at all how to do the word replacement.

Any ideas would be very appreciated.

Thank you very much.

Edited by Manel Rodero

Share this post

Link to post
Share on other sites

[*]... and cut it using scissors to fit it in my pocket

I don't think AutoIt can help with that part :)

Seriously, Excel is probably the best way to go. In fact, you could generate a tab-delimted table and paste it into Excel pretty easily....

$text = ""

For $i = 1 to 10
    $text = $text & "machine" & $i & @TAB & GenPassword() & @CRLF

MsgBox(4096,"Please paste...", ClipGet())

; For example only
Func GenPassword()
    Local $t = "", $k
    For $k = 8 to 12
        $t = $t & Chr( Random(Asc('a'),Asc('z'),1) )
    Return $t

Use Mozilla | Take a look at My Disorganized AutoIt stuff | Very very old: AutoBuilder 11 Jan 2005 prototype I need to update my sig!

Share this post

Link to post
Share on other sites

Could I ask a different question? Why do you have 100 passwords for different accounts across 100 servers? Couldn't you have one account synchronised and change the one password regularly?

Just wondering.

Share this post

Link to post
Share on other sites

My sysadmin colleagues doesn't want to have a 1 password synchronized between machines because of security problems: how many times you synchronize? from where?

If the first question is "every week" or "every day", it will be a range of time where a hacker (and we have a lot of them because our environment is a computer science university ;-) has some time to try to get a password of a machine. Then it will know the password for all machines.

If the answer for the second question is "from a central machine", then this machine need to have access to every other machine (for changing the passwords). So it will be a target of the hackers.

Now, seriously, I need to replace the manual process of generating passwords and creating the cheatsheet that the sysadmins use now.

I use Word because in the word template file I will have only a table with the correct size in cm (or inches) for printing, cutting and folding.

Any more ideas?

Share this post

Link to post
Share on other sites

#7 ·  Posted (edited)

I supose your students would just LOVE to get their hands on the cheat sheet you cary around in your pocket?

How about using a lockup safe? Create a application with a rotating password entry field and a ip//machinname entry field. When you provide the correct password (it rotates, so you have to remember the last one in the sequence) and the "machine id" then you get access to the password. Or maybe only a part of it leaving a common part to your memory?

Just my 2Cents


This topic could be of interest: crypto udf

Also this page with small utilities could be of intrest: small crypto utilities.



Edited by Uten

Share this post

Link to post
Share on other sites

I use Word because in the word template file I will have only a table with the correct size in cm (or inches) for printing, cutting and folding.

1- You should be able to create an appropriately sized output in Excel too.

2- I also agree with the person who suggested that some part(s) of the password should be committed to memory so that even if one of your admins lost his/her cheatsheet it wouldn't immediately be useful to a would be hacker.


[font="Verdana"]Thanks for the response.Gene[/font]Yes, I know the punctuation is not right...

Share this post

Link to post
Share on other sites

#9 ·  Posted (edited)

I use KeePass for my password keeping, generating, etc. I also keep it sync's on my pda, since there's a windows 2003 mobile version that works really well too...

Both of these are free, but they are at diff sites: for the windows workstation version for the Win Mobile version

Life is complicated enough without having to build all my own utilities, especially when there are some out there that work so well....and I like the ability to drag the ID & PW to the respective boxes in the login window / screen on my desktop all the websites and things I need to log into...

Also, of interest to your issue, I believe you can print out the results, although that's not something I'd do, I understand your situation with multiple admin's needing access to this stuff...


Edited by setirich

Good intentions will always be pleaded for every assumption of authority. It is hardly too strong to say that the Constitution was made to guard the people against the dangers of good intentions. There are men in all ages who mean to govern well, but they mean to govern. They promise to be good masters, but they mean to be masters.-Daniel Webster

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  
Followers 0