Creating secure passwords

As more services go online, everything needs a unique password (the keyword there is, of course, unique!). Of course, some sites have their own password requirements, such as one upper case, one lower case, one number, one special character, and none of these should be from the names of your first born and so on. I am reminded of the XKCD comic on this topic:

XKCD comic

Interestingly, it gave birth to xkcdpass. While the method used by xkcdpass is unique, it had two flaws: first, it won't pass these website requirements (one capital, one special masala), and second, and the important one, the famous security expert Bruce Schneier says it is quite easy to crack.

Long story short, I decided to build a generator for myself that I knew I could trust to generate unique, random and reasonably secure complex passwords. I wanted to generate these locally on my computer, without any external network connection generating them remotely. Further, I also made sure that the generated passwords were not among existing hacked passwords by checking against Troy Hunt’s Have I Been Pwned site.
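An added example, not the code of the password-generator project: one way to do what the paragraph above describes, generating locally from the OS CSPRNG and then checking the result against Have I Been Pwned. It assumes the check uses the Pwned Passwords range endpoint, where only the first five hex characters of the SHA-1 are sent; the function names, the special-character set and the constructed offline response are assumptions.

```python
import hashlib
import secrets
import string
import urllib.request

SPECIALS = "!@#$%^&*()-_=+"  # assumed set; adjust to what the site accepts
CLASSES = (string.ascii_lowercase, string.ascii_uppercase, string.digits, SPECIALS)

def generate_password(length=20):
    """Build a password from the OS CSPRNG with one character of every class."""
    if length < len(CLASSES):
        raise ValueError("length too short to hold every character class")
    chars = [secrets.choice(cls) for cls in CLASSES]
    chars += [secrets.choice("".join(CLASSES)) for _ in range(length - len(chars))]
    secrets.SystemRandom().shuffle(chars)  # guaranteed characters must not sit at fixed positions
    return "".join(chars)

def sha1_split(password):
    """Return (5-char prefix, 35-char suffix) of the upper-case SHA-1 hex digest."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]

def breach_count(password, fetch_range):
    """Look the suffix up in the 'SUFFIX:COUNT' lines returned for the prefix."""
    prefix, suffix = sha1_split(password)
    for line in fetch_range(prefix).splitlines():
        candidate, _, count = line.strip().partition(":")
        if candidate.upper() == suffix:
            return int(count)
    return 0

def fetch_range_online(prefix):
    """Live lookup: only the 5-character prefix is sent, never the password."""
    url = "https://api.pwnedpasswords.com/range/" + prefix
    req = urllib.request.Request(url, headers={"User-Agent": "password-check-example"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return resp.read().decode("ascii")

def constructed_range(prefix):
    """Constructed offline response that lists "password" with a made-up count."""
    known_prefix, known_suffix = sha1_split("password")
    return f"{known_suffix}:12345\r\n" if prefix == known_prefix else ""

if __name__ == "__main__":
    candidate = generate_password()
    print(candidate, breach_count(candidate, constructed_range))
    print("password", breach_count("password", constructed_range))
```

Pass `fetch_range_online` instead of `constructed_range` to query the live service; a non-zero count means the candidate should be discarded and regenerated.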

Many folks have asked me why I don't use the built-in generators in password managers. While it is a great suggestion, I never got around to using password managers, since most of my sensitive data is stored in VeraCrypt containers and I wanted to keep my passwords there. So my tooling was CLI, it was fast and it had all my quirks taken care of :-). So without much ado, I give you password-generator. Feel free to share your thoughts and ideas by logging issues on GitHub or by writing to the user vivek, who has an account on the domain that you are reading this page on.