Skip to content

Latest commit

 

History

History

wordy-password

README.md

Wordy Password

This is a fun shell script which uses msecretctl to make strong passphrases that are memorable to native English speakers, like these:

  • Swiftly pot a definitive stepdaughter.
  • Underneath Christmas Day, Roger disquietingly subvocalized a blind whistle.
  • Touchingly compartmentalize an indiscriminating gosling among the frigid recess on Armed Forces Day.

This approach is ideal for the few cases where you actually need to remember a password.

It works a bit like Mad-Libs: A pattern is used to pick words from various lists so that they can be put together into a silly phrase that you can remember.

Patterns

There are currently several different patterns. Edit the script to change the pattern.

  • 47 bits of entropy: @ADVERB@ @VERB@ @A_OR_THE@ @ADJ@ @NOUN@.
  • 53 bits of entropy: @ADVERB@ @VERB@ @PREPOSITION@ @A_OR_THE@ @ADJ@ @NOUN@.
  • 56 bits of entropy: @ON_OR_FOR@ @DATE@, @NAME@ @PAST_VERB@ @NAME@'s @ADJ@ @NOUN@.
  • 64 bits of entropy: @PREPOSITION@ @DATE@, @NAME@ @ADVERB@ @PAST_VERB@ @A_OR_THE@ @ADJ@ @NOUN@.
  • 72 bits of entropy: @A_OR_THE@ @ADJ@ @NOUN@ @ADVERB@ @PAST_VERB@ @A_OR_THE@ @ADJ@ @NOUN@.
  • 77 bits of entropy: @ADVERB@ @VERB@ @A_OR_THE@ @ADJ@ @NOUN@ @PREPOSITION@ @A_OR_THE@ @ADJ@ @NOUN@.
  • 82 bits of entropy: @ADVERB@ @VERB@ @A_OR_THE@ @ADJ@ @NOUN@ @PREPOSITION@ @A_OR_THE@ @ADJ@ @NOUN@ @ON_OR_FOR@ @DATE@.
  • 92 bits of entropy: @ADVERB@ @VERB@ @A_OR_THE@ @ADJ@ @NOUN@ @PREPOSITION@ @A_OR_THE@ @ADJ@ @NOUN@ @ON_OR_FOR@ @DATE@ @IN_OR_AROUND@ @PLACE@.

Some additional entropy can be added by appending random numbers using @RAND_999@ (~10 additional bits) or @RAND_9999@ (~13 additional bits).

Nore that the entropy figures above are the guaranteed minimum entropy assuming that an attacker knows the pattern and the word lists. If the size of the word lists change, the entropy value wil also change. The script will print out the exact entropy of the generated passphrase.

See the script for more details.

Dependencies

Obviously, this script depends on msecretctl to calculate random integers with a uniform distribution. It also depends on the bc tool for calculating the entropy. The script also uses sed, head, printf, etc. Typical shell-script stuff.

The script is known to work on Macs, but would likely work on Linux as well.

Improvements

Obviously, being a shell script makes this a bit more obtuse to use. Rewriting it in Rust would be an obvious win in my book.

Improving the word list would also be beneficial. It would also make the resulting passphrases contain more entropy, although the returns on this are diminishing.

Adding more patterns would also be nice.

It would be great to have this functionality integrated into msecret itself, but then repeatability becomes an important consideration (so the word list would need to be crystalized and never change after that).