Skip to content
/ passgen Public

Deterministically generate strong, random-looking password from any given string. Stateless password miner. Also see the link below for a better code.

gist.github.com/somajitdey/edbe0e3b6ddde484f814c8df016bb7af

License

LGPL-2.1 license
2 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

JuFF-GitHub/passgen

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
LICENSE
LICENSE
 
 
README.html
README.html
 
 
README.md
README.md
 
 
hbkdf
hbkdf
 
 
passgen
passgen
 
 

Repository files navigation

Passgen

Made with Bash. The script should just run on the standard Linux distros - no further installation necessary.

Purpose

Passgen is meant to generate strong, valid, random-looking passwords deterministically from any given text-string or key. You don't need to remember or store the generated password, because you can always generate it as long as you remember the text-string you provided. There lies its security. To generate the same password on a different machine, however, you'd need to note down the PASSGEN_SALT that is output.

Security model

Every password generation requires an effectively single-threaded process that takes a significant time (mostly <1m though). This is because the algorithm uses a Hashcash-like proof-of-work procedure targeted for 20 bit partial hash-collision, viz. the final hash must have 20/4=5 zeroes in its hex representation. All the hashes are SHA512. The algorithm is so designed that a minimum amount of work must always be done.

Also, it cannot be predicted beforehand exactly how much time the password generation would take. For some values of the given text-string, the time taken may be way over the 1m mark. Hopefully, this unpredictability and requirement of single-threadedness would make brute-force hacks slow.

Usage

Non-interactive:

timeout <max number of seconds you can have your patience e.g. 60> \
./passgen [-w <no. of chars in the desired password>] <string that you can remember>

Example:

  1. timeout 60 ./passgen -w 10 'Iluvbash'
  2. timeout 60 ./passgen 'patience is a virtue'

Interactive:

timeout 60 ./passgen

Tip: If password generation is taking too much time, try some other text-string.

Features:

  1. Passwords are bound to the device they are generated on, if the environment variable PASSGEN_SALT is not set. In other words, when PASSGEN_SALT has no value, running passgen on the same machine will always output the same password and take nearly the same time, but running it on different machines will give different output and require different times. Therefore, to generate the same password in similar time in two different machines, do export PASSGEN_SALT=<your chosen value> before running passgen.
  2. Every password essentially contains at least one special character, one upper-case letter, one lower-case letter and one numeral. The default width for generated passwords is 8 characters.

About

Deterministically generate strong, random-looking password from any given string. Stateless password miner. Also see the link below for a better code.

gist.github.com/SomajitDey/edbe0e3b6ddde484f814c8df016bb7af

Topics

bash algorithm password-generator password-manager shell-script hashcash proof-of-work passgen strong-password

Resources

Readme

License

LGPL-2.1 license
Activity

Stars

2 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages