redacted / XKCD-password-generator

Generate secure multiword passwords/passphrases, inspired by XKCD
BSD 3-Clause "New" or "Revised" License

Entropy-based password length #67

Closed nicki-krizek closed 3 years ago

nicki-krizek commented 7 years ago

Since it's possible to use different wordfiles, using number of words to specify the passphrase length can produce variably strong passphrases, depending on the wordfile.

User should have an option to specify required entropy / password strength which would take into account the length of the wordfile and produce a passphrase of similar strength regardless of the wordfile that is used.

Example:

$ xkcdpass -w legacy -e 75
nucleus Mboya Moldova Scopes parody
$ xkcdpass -w eff-long -e 75
affair ounce hatchback guidance cubical onlooker
$ xkcdpass -w eff-short -e 75
delay dizzy agile ebony twirl tweak aloft quake

This approach should be used as default when no specific word limit is provided. Entropy could be specified in passphrase strength levels instead of bits. A warning could also be displayed on error output for low entropy passphrases.

This feature would most likely have to be mutually exclusive with acrostic.
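The word-count calculation this request implies, as an added example that is not part of the original issue or the project's own code: it picks the smallest number of words that reaches a target entropy for a given wordfile size. The function names are hypothetical, and the sizes 7776 and 1296 are those of the published EFF long and short lists, assumed here to match the `eff-long` and `eff-short` wordfiles.

```python
import secrets


def words_needed(wordlist_size: int, target_bits: int) -> int:
    """Smallest n such that wordlist_size**n >= 2**target_bits.

    A word drawn uniformly and independently from N distinct words adds
    log2(N) bits, so n words give n*log2(N) bits. Integer arithmetic avoids
    floating-point rounding at exact boundaries (e.g. N = 2**15, 75 bits).
    """
    if wordlist_size < 2:
        raise ValueError("wordlist needs at least 2 distinct words")
    if target_bits < 1:
        raise ValueError("target entropy must be at least 1 bit")
    n = 1
    while wordlist_size ** n < 2 ** target_bits:
        n += 1
    return n


def generate_passphrase(words, target_bits: int) -> list:
    """Pick just enough words to reach target_bits, using a CSPRNG."""
    # Duplicates in a wordfile would make the real entropy lower than
    # the computed one, so count and draw from distinct words only.
    distinct = sorted(set(words))
    count = words_needed(len(distinct), target_bits)
    return [secrets.choice(distinct) for _ in range(count)]


if __name__ == "__main__":
    # Sizes of the published EFF long/short lists (assumed to match the
    # eff-long / eff-short wordfiles), plus a constructed 2**15-word case.
    sizes = [("eff-long", 7776), ("eff-short", 1296), ("constructed", 2 ** 15)]
    for name, size in sizes:
        print(f"{name:12} {size:6} -> {words_needed(size, 75)} words for 75 bits")
    # Constructed stand-in wordlist so the demo runs offline.
    sample = [f"word{i:04d}" for i in range(1296)]
    print(" ".join(generate_passphrase(sample, 75)))
```

For a 75-bit target this yields 6 words from a 7776-word list and 8 from a 1296-word list, the same lengths as the `eff-long` and `eff-short` lines in the example above.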

amiryal commented 7 years ago

> This feature would most likely have to be mutually exclusive with acrostic.

See PR #61, which should address your concerns. With that fix implemented, I suppose you could repeat the acrostic as many times as necessary to reach the desired entropy (or use fewer letters, if the requested entropy is low).