Path: utzoo!utgpu!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!mailrus!ames!pasteur!ucbvax!WSMR-SIMTEL20.ARMY.MIL!WANCHO
From: WANCHO@WSMR-SIMTEL20.ARMY.MIL ("Frank J. Wancho")
Newsgroups: comp.protocols.tcp-ip
Subject: passwords
Message-ID: <WANCHO.12445339886.BABYL@WSMR-SIMTEL20.ARMY.MIL>
Date: 10 Nov 88 04:53:00 GMT
Sender: usenet@ucbvax.BERKELEY.EDU
Organization: The Internet
Lines: 19

Concerning pseudo-random, semi-pronounceable password generation,
please see RFC 972.  The original algorithm was written in BASIC by
Paul D. Merillar and Arthur A. Key.  The implementation in our PWDGEN
server, a variation of our local CHGPWD program, came from Sandia
Labs, written in FORTRAN, and uses a system-wide 36-bit seed rather
than a clock-based seed.  Marshall Rose converted that program to C...
From your message, it seems that the algorithm has found its way
around, and that's good to see.

From the source code:

    Basically "random pronounceable words" are built by alternating
    Vowels and Consonants.  However, there are "Digraphs", and these
    are presorted according to END, MIDDLE, and START positions.  Not
    going into combinatorial analysis, with seven characters the
    "possible" combinations exceed 20 Million.  (I haven't computed
    how many are possible with eight characters...)

--Frank