The Author – Bart Busschots
Creative Commons
Unless otherwise stated, the content on this site is licensed under Creative Commons Attribution, Noncommercial, No Derivative Works 3.0 License
Nov
10
XKPasswd.net Updated
Filed Under Computers & Tech, Security on November 10, 2014 at 12:27 am
After quiet a few months of work, I’ve just re-launched my secure memorable password generator – www.xkpasswd.net. The entire interface has been re-designed, and under the hood the site now uses version 2 of my XKPasswd.pm perl module.
The interface has been completely re-designed with an eye to making it easier to understand what the various configuration settings mean. The configuration is sections, and each section is headed by an English description of the current settings. You can read down through the headings to get a very good understanding of the configuration. Additionally, there is now a diagram showing the structure of the password that will be generated, and whether or not it will contain mixed case, digits, and symbols.
You can now generate multiple passwords at once, people often like to generate a few and choose one that speaks to them, so while not make that easier! Once passwords are generated, their strength, or Entropy, is reported, and colour-coded – green is good 🙂
I’ll be adding some more features over the next few months. I’ll mainly be focusing on adding more dictionaries, and allowing users to create their own custom dictionaries by mixing and matching separate word lists. What I have in mind is a set of base language dictionaries like English, and French, and so on, and then a selection of special dictionaries like place names, scientific terms, scifi characters and places, animals, fore names, and so on. I’m also planning to add the ability to store your own custom presets locally using HTML5’s local storage feature.
If you have any comments or suggestions, please do share them.
Thank for this, Bart! it’s looking very good.
What is the type of password that XKCD posted called? I remember hearing the name somewhere, but it escapes me.
Thanks Bart!
I have been using the website to create my desired password formatting. Then I cut/paste the “Save Config” settings into your OS X automator workflow. However, I noticed the config formatting changed from
“num_words”=> 3,
to:
“num_words”: 3,
Without manually changing all the “:” to “=>”, is there an easier workaround/fix?
Hi Justin – TBH I’m not sure what the word is you’re looking for – perhaps ‘passphrase’?
Scott – the issue is that the web interface uses JSON, while the Perl library wants a Perl hashref, so the syntax is different. I’m not making any promises, but I might be able to alter the Perl so it accepts a JSON string or a Perl hashref. I’ve added it to my list of things to look at over the Christmas holidays.
I found it, Bart. It’s called a Diceware password. You probably know more about it than I do, but Diceware seems really similar to what was in XKCD.
Hi. I was playing around with the password generator and noticed that when I changed the capitalization from none to randomly capitalizing words, it doubled the seen entropy. This doesn’t seem quite right, as randomly capitalizing words should add one bit of entropy for each word in the passphrase.
Hi Bart. You’re tool is a regular part of my toolbox. Thanks!
It’d be convenient for me to bookmark a link with parameters set a couple different ways. Is it possible for the config save/load to also understand HTTP get arguments, so I can use simple browser bookmarks?
William – I’ll have to re-read the code to make sure I’m not doing something silly. I’ve added it to my list of things to check over the holidays.
Mark – it’s a good suggestions – I’ll have to have a think about how best to implement permalink, but it’s now on my list of features to work on.
+1 on the permalink. I use the site all the time. I like the simpler passwords because my users are required to change them the first time they log in anyways. It takes a bit of retooling to get close to your old WEB8 password preset.
Hi,
I love your tool, and I use it all the time. However since you’ve updated, the “133+ SUBSTITUTIONS” seem to have gone. Can you please re-add this?
Thanks!