Simple Bash Script to Generate and Check Password Strength

INTRODUCTIION

Passwords are the gatekeepers of our digital lives. Unfortunately, many people still use weak and easily guessable passwords like 123456 or password. This puts their online accounts at risk of being hacked.

To help solve this problem, I created a simple Bash script called password_tool.sh that can:

  • Generate strong, random passwords.

  • Check the strength of any password you enter.

In this article, I’ll walk you through why strong passwords matter, the problem with weak passwords, and how this Bash script works to keep your accounts safer.

PROBLEM

Weak passwords are one of the biggest reasons accounts get hacked. Attackers often rely on methods like:

  • Brute force attacks — trying every possible combination until they find the right one.

  • Dictionary attacks — guessing from lists of commonly used passwords.

The situation is made worse because many people:

  • Use short passwords (less than 8 characters).

  • Reuse the same password across multiple platforms.

  • Avoid including uppercase letters, numbers, or special characters.

These practices make it far too easy for hackers to break in. To stay safe online, we need a simple way to create and verify strong passwords.

💡 THE SOLUTION

To solve the issue of weak and vulnerable passwords, I created a Bash script called password_tool.sh. This script provides two simple but powerful features:

  1. Password Generator

    • Creates a random 12-character password that includes uppercase and lowercase letters, numbers, and special characters.

    • Ensures the generated password is complex enough to resist common hacking attempts.

  2. Password Strength Checker

    • Analyzes any password you provide.

    • Checks if it meets security standards like having a minimum length, including uppercase letters, numbers, and special characters.

    • Gives instant feedback on whether your password is Strong, Medium, Weak, or Very Weak.

With this tool, you can both create new secure passwords and test your current ones—all from your terminal.

🖥️ THE SCRIPT: password_tool.sh

#!/bin/bash
# password_tool.sh
# A simple password generator and strength checker

echo "===================================="
echo "     Welcome to Password Tool"
echo "===================================="
echo "Choose an option:"
echo "1. Generate a secure password"
echo "2. Check the strength of a password"
read -p "Enter your choice (1 or 2): " choice

# Function to generate random password
generate_password() {
    length=12
    echo "Generating a $length-character password..."
    password=$(tr -dc 'A-Za-z0-9!@#$%^&*()_+=' < /dev/urandom | head -c $length)
    echo "Your secure password is: $password"
}

# Function to check password strength
check_password() {
    read -sp "Enter the password to check: " password
    echo

    score=0

    # Length check
    if [[ ${#password} -ge 8 ]]; then
        ((score++))
    fi

    # Contains uppercase
    if [[ $password =~ [A-Z] ]]; then
        ((score++))
    fi

    # Contains number
    if [[ $password =~ [0-9] ]]; then
        ((score++))
    fi

    # Contains special character
    if [[ $password =~ [\!\@\#\$\%\^\&\*\(\)\_\+\=] ]]; then
        ((score++))
    fi

    # Evaluate strength
    case $score in
        4) echo "✅ Strong password!" ;;
        3) echo "⚡ Medium strength. Add more complexity." ;;
        2) echo "⚠️ Weak password. Consider improving it." ;;
        *) echo "❌ Very weak password!" ;;
    esac
}

# Main program
if [ "$choice" -eq 1 ]; then
    generate_pass_

📖 COMMANDS USED IN THE SCRIPT AND THEIR FUNCTIONS

  • echo
    Displays text to the terminal.
    Example: echo "Welcome to Password Tool"

  • read -p
    Prompts the user for input.
    Example: read -p "Enter your choice: " choice

  • read -sp
    Reads input silently (without showing it on screen) — used here for entering a password securely.
    Example: read -sp "Enter the password: " password

  • tr -dc
    Deletes all characters except the ones you specify. In this script, it’s used with /dev/urandom to create random characters.
    Example:

      tr -dc 'A-Za-z0-9!@#$%^&*()_+=' < /dev/urandom
    
  • head -c
    Limits the output to a certain number of characters.
    Example: head -c 12 → generates a 12‑character password.

  • if [[ condition ]]
    Tests a condition. Used here to check if a password meets certain rules (like length or having uppercase letters).

  • [[ $password =~ regex ]]
    Uses a regular expression to check if the password contains uppercase letters, numbers, or special characters.

  • case ... esac
    A switch‑like statement in Bash, used here to decide the password strength message based on the score.

  • ((score++))
    Arithmetic operation that increases the score variable by 1 whenever a password meets a condition.

▶️ HOW TO RUN THE SCRIPT

After you’ve saved the script as password_tool.sh, follow these steps to run it:

  1. Make the script executable
chmod +x password_tool.sh

This command gives the script permission to be run as a program.

  1. Run the script
./password_tool.sh

This executes the script in your current directory.

You’ll then see a menu asking whether you want to generate a password or check one.

📸 EXAMPLE OUTPUT

Here’s what running the script looks like in practice.

1️⃣ Generating a Password

====================================
     Welcome to Password Tool
====================================
Choose an option:
1. Generate a secure password
2. Check the strength of a password
Enter your choice (1 or 2): 1
Generating a 12-character password...
Your secure password is: G5#xY7Lq!b2P

2️⃣ Checking a Password

====================================
     Welcome to Password Tool
====================================
Choose an option:
1. Generate a secure password
2. Check the strength of a password
Enter your choice (1 or 2): 2
Enter the password to check: MyPass123
⚡ Medium strength. Add more complexity.

👉 These outputs give the user instant feedback, making it clear whether a password is strong enough or if it needs improvement.

🎯 CONCLUTION

Creating and maintaining strong passwords is essential in today’s digital world to protect your personal and professional data. With just a simple Bash script, you can both generate complex passwords and check the strength of any password you use.

The password_tool.sh script is a great starting point for anyone looking to improve their cybersecurity practices or learn practical Bash scripting.

2
Subscribe to my newsletter

Read articles from Emmanuel Ayandeji directly inside your inbox. Subscribe to the newsletter, and don't miss out.

Written by

Emmanuel Ayandeji
Emmanuel Ayandeji