rice.shawn Posted January 13, 2014 Posted January 13, 2014 Generate random passphrases. Find the workflow on Packal. There is only one keyword: "passphrase"; you have the option of providing two arguments: the number of words and the max number of characters. The generator will extend the phrase as close to the character limit, but it will break only on word boundaries. If the arguments are bad, or if you do not provide any arguments, then the passphrase will default to four words with a maximum of 30 characters. So, to create a five word passphrase within 25 characters, just type passphrase 5 25 You'll get a discreet notification of the passphrase, and it will be automatically copied to the clipboard. This workflow came about based on a question asked on the forums, and Ctwise wrote an initial Ruby script there. I've just modified it to accept arguments and have the max character length. If you want to use your own wordlist, then look in the workflow folder for the file "passphrase_wordlist" View on on Packal.
Smith007 Posted September 26, 2014 Posted September 26, 2014 The maximum character property isn't working. The workflow has generated a password 33 characters long when no arguments were provided (should have max 30). Thanks.
rice.shawn Posted September 27, 2014 Author Posted September 27, 2014 You're right. I fixed it and pushed the update to Packal. Now it pops off the last word if the text is over the character limit.
deanishe Posted February 10, 2016 Posted February 10, 2016 (edited) FYI, 6 words is the minimum length you should use for a decently secure password. On a modern password-cracking box, the default length of 4 words can be cracked in under 3 minutes on average. 5 words is about 4.5 days. 6 words should hold out for 26 years. These numbers are based on an attacker using the exact same word list, which is not the likeliest scenario, but it's a fair bet that any dictionary-based attack will include all of these words. For anyone interested in the maths, you get log2(N) bits of entropy per word, where N is the number of words in the list. That's ~11 bits per word in this case. The average number of guesses needed to find the right password is 2n-1 where n is the total entropy in bits. The times assume 45bn guesses/second, which is what a modern dedicated password-cracking box (made of off-the-shelf parts) can do. Edited February 10, 2016 by deanishe
rice.shawn Posted February 18, 2016 Author Posted February 18, 2016 I just updated it on Packal to have a default of six words and a max chars count of 60 (which made the six words come out more consistently). I thought about using SecureRandom instead of rand, but since it's just picking random words, it seemed to be overkill.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now