There is not really a script solution available nor would I recommend one.
At best, a script would have to extract randome entries from a word list and add digits to it. This is not very efficient, and the randomness is very small.
At worst, you create sequences and stash the last result. This creates a very easy to hack situation, and obviously since you have to stash the last result you stash someones password.
So, in essense once you start using either patterns or word lists and storing things, your security is completely shot.
The reason that GPW works (and my modifications to it) is as follows.
First, the dictionary on a system is parsed and split into triplets. These triplets are stored in the code.
When a user requests a password, a random number seeded with a time stamp are used to extract strings, and generate the password by assembling strings up to a specific length. GPW allowed passwords less than 4 chars and core dumped on 3 or less. My modified code requires 6.
If you wanted a scripting method, then perhaps write a script and parse 8 characters incrementing them in pairs of 4. Again though, you would quickly have everyone knowing that since their password is aaa1bbb2, someone elses is aaa2bbb3.
Regards,
Shannon
Microsoft. When do you want a virus today?
