xkcd-936 password generator

← Ansible save ArubaOS config to TFTP server | posts | Redirect QEMU guests TCP socket to hosts loopback socket →

xkcdpass is a password generator inspired by the famous xkcd 936 a webcomic, which shows a method on how to create passwords easy to remember for a human, but hard to crack using nowadays computers. In fact xkcdpass is the lazy version of the EFF dice generated passphrases method, it is using the EFF word files to generate a passphrase, but with a random generator algorithm. For real random passphrases use the EFF dice method.

xkcdpass generates following passphares without additional options. The passphrase has 6 short words like in example below:

user % xkcdpass zombie bacterium backboned sandfish denatured perish

Consulting -h the help file is a clever thing to do:

xkcdpass --help
usage: xkcdpass [-h] [-w WORDFILE] [--min MIN_LENGTH] [--max MAX_LENGTH]
                [-n NUM_WORDS | -a ACROSTIC] [-i] [-v VALID_CHARS] [-V]
                [-c COUNT] [-d DELIM] [-s SEP] [-C CASE] [--allow-weak-rng]

optional arguments:
  -h, --help            show this help message and exit
  -w WORDFILE, --wordfile WORDFILE
                    Specify that the file WORDFILE contains the list of
                    valid words from which to generate passphrases.
                Provided wordfiles: eff-long (default), eff-short,
                        eff-special, legacy, spa-mich (Spanish), fin-kotus
                    (Finnish) ita-wiki (Italian), ger-anlx (German), nor-
                        nb (Norwegian)
  --min MIN_LENGTH      Generate passphrases containing at least MIN_LENGTH
                        words.
  --max MAX_LENGTH      Generate passphrases containing at most MAX_LENGTH
                        words.
  -n NUM_WORDS, --numwords NUM_WORDS
                        Generate passphrases containing exactly NUM_WORDS
                        words.
  -a ACROSTIC, --acrostic ACROSTIC
                        Generate passphrases with an acrostic matching
                        ACROSTIC.
  -i, --interactive     Generate and output a passphrase, query the user to
                        accept it, and loop until one is accepted.
  -v VALID_CHARS, --valid-chars VALID_CHARS
                        Limit passphrases to only include words matching the
                        regex pattern VALID_CHARS (e.g. '[a-z]').
  -V, --verbose         Report various metrics for given options.
  -c COUNT, --count COUNT
                        Generate COUNT passphrases.
  -d DELIM, --delimiter DELIM
                        Separate words within a passphrase with DELIM.
  -s SEP, --separator SEP
                        Separate generated passphrases with SEP.
  -C CASE, --case CASE  Choose the method for setting the case of each word in
                        the passphrase. Choices: ['alternating', 'upper',
                        'lower', 'random', 'first', 'capitalize'] (default:
                        'lower').
  --allow-weak-rng      Allow fallback to weak RNG if the system does not
                        support cryptographically secure RNG. Only use this if
                        you know what you are doing.

Easy to remember passwords. 5 generated random examples to show the possibilities of passphrase creations:

user % xkcdpass -w ger-anlx -n 4 -c 5

verkauft schulter plant luftwaffe weltweit übrigens tokio gestärkt neben anderswo gekostet fliegen stichtag stadion ändert liebhaber geschickt dezember keine gehabt

This is using the xkcdpass default settings, it takes 6 words with the default settings.

user % xkcdpass -w ger-anlx -c 3

stichwort physiker christen problem ausschluß schüler guten presse belohnt mensch besetzung vermögen erster erinnern treiben ironie studierte liberalen

Useful tool for generating passphrases. Really long passwords that are easy to remember for a human.