search

redacted / XKCD-password-generator

Generate secure multiword passwords/passphrases, inspired by XKCD
BSD 3-Clause "New" or "Revised" License
1.32k stars 185 forks source link

Add option to only keep first N chars of each word #112

Closed bennofs closed 10 months ago

bennofs commented 5 years ago

This option is useful together with the special EFF wordlist, where each word has an unique 3-character prefix.

burdges commented 5 years ago

Just curious, are the prefixes nearly uniformly distributed over [a-z][a-z][a-z]?

bennofs commented 5 years ago

I am not quite sure how to measure this.

bennofs commented 5 years ago

The first character already is not randomly distributed:

     2 x
      4 q
     11 y
     12 z
     23 k
     32 i
     32 w
     35 v
     37 h
     38 n
     42 b
     43 j
     46 m
     49 t
     50 o
     51 f
     54 l
     54 u
     61 g
     62 r
     70 p
     77 d
     83 c
     92 e
    110 s
    126 a
burdges commented 5 years ago

Apologies for the derail, it's irrelevant since the entropy only increases for an attacker who does not know you used the wordlist, and the map from wordlist to prefix is bijective. :)