A Perl module and terminal command for generating secure memorable passwords inspired by the fabulous XKCD web comic and Steve Gibson's Password Hay Stacks. This is the library that powers www.xkpasswd.net
I wish there was a way to use potentially different length words to generate a fixed-length password. Say for example you request 16-characters worth of words that might be 3 words of length 5 + 4 + 7 or 3 words of length 6 + 6 + 4. The lazy way would just be to throw away generated passwords that are too long until enough of the required length are produced, but may take longer to get the results. I just installed hsxkpasswd from source and I'm working on a lazy implementation in shell right now.
Bonus would be potentially different number of words like 2 words or 4 words but adding up to the same number of characters from words. Programming wise, might be subtracted from a count until the required number of characters from words was satisfied. Bonus bonus: words must still be within minimum length, might have to generate then throw it out if the last word is going to be too short, or try a shorter 2nd to last word for example.
The rationale is that the position of separators would be less predictable, which would make using rules to crack the generated passwords less effective vs having a certain number of words all the same length.
I have tried using rules that make words of variable lengths but had to click "Generate" multiple times because the generated batch exceeds the length restriction of the site they will be used for, then end up counting characters to make sure.
I wish there was a way to use potentially different length words to generate a fixed-length password. Say for example you request 16-characters worth of words that might be 3 words of length 5 + 4 + 7 or 3 words of length 6 + 6 + 4. The lazy way would just be to throw away generated passwords that are too long until enough of the required length are produced, but may take longer to get the results. I just installed hsxkpasswd from source and I'm working on a lazy implementation in shell right now.
Bonus would be potentially different number of words like 2 words or 4 words but adding up to the same number of characters from words. Programming wise, might be subtracted from a count until the required number of characters from words was satisfied. Bonus bonus: words must still be within minimum length, might have to generate then throw it out if the last word is going to be too short, or try a shorter 2nd to last word for example.
The rationale is that the position of separators would be less predictable, which would make using rules to crack the generated passwords less effective vs having a certain number of words all the same length.
I have tried using rules that make words of variable lengths but had to click "Generate" multiple times because the generated batch exceeds the length restriction of the site they will be used for, then end up counting characters to make sure.