acopw

Package acopw provides a simple, efficient, and secure way to generate random passwords, passphrases, and PINs using Go. It leverages the speed of math/rand/v2 with the cryptographic security of ChaCha8 for generating random data, ensuring the highest level of randomness, security, and performance.

When generating diceware passwords, it uses a curated list with over 23 thousand words, one of the largest word lists out there.

Sample output:

(#lR?xdVe^o#;|{K>k%Y$,SXnn?nLl[=+|^cf|AWCtA}YoP(Vb=G^rwj]f;u@~Py
u{AQTrcOcHG#/.K>j{?P=\=jm%O>)hC;.Y%l,~fE'v];^@AY!?I}=DzyKlE@GEKb
hefty_spacetime_ENVELOPE_hearing_trend_fossils_unusable
deplored-desert-victory-runtime-coupland-costly-CLASSICS
728079
996388

Installation

To install acopw and use it in your project, run:

go get git.sr.ht/~jamesponddotco/acopw-go@latest

Usage

Random passwords

To generate a random password, use Random and call the Generate() method.

package main

import (
	"fmt"
	"log"
	"os"

	"git.sr.ht/~jamesponddotco/acopw-go"
)

func main() {
	random := &acopw.Random{
		Length:     16,
		UseLower:   true,
		UseUpper:   true,
		UseNumbers: true,
		UseSymbols: true,
	}

	if _, err := fmt.Fprintln(os.Stdout, random.Generate()); err != nil {
		log.Fatal(err)
	}
}

Diceware passwords

To generate a diceware password, use Diceware and call the Generate() method.

package main

import (
	"fmt"
	"log"
	"os"

	"git.sr.ht/~jamesponddotco/acopw-go"
)

func main() {
	diceware := &acopw.Diceware{
		Separator:  "-",
		Length:     6,
		Capitalize: true,
	}

	if _, err := fmt.Fprintln(os.Stdout, diceware.Generate()); err != nil {
		log.Fatal(err)
	}
}

PINs

To generate a PIN, use PIN and call the Generate() method.

package main

import (
	"fmt"
	"log"
	"os"

	"git.sr.ht/~jamesponddotco/acopw-go"
)

func main() {
	pin := &acopw.PIN{
		Length: 6,
	}

	if _, err := fmt.Fprintln(os.Stdout, pin.Generate()); err != nil {
		log.Fatal(err)
	}
}

Contributing

Anyone can help make acopw better. Send patches on the mailing list and report bugs on the issue tracker.

You must sign-off your work using git commit --signoff. Follow the Linux kernel developer's certificate of origin for more details.

All contributions are made under the MIT License.

Acknowledgements

• Tests were mostly written using a combination of Claude 3 and GPT-4.
• Big thanks to the EFF for providing some word lists, which were complimented by me crawling Wikipedia.
• Big thanks to Christopher Wellons for reviewing and auditing the underlying cryptographic implementation for biases and security issues. He also helped with many of the performance optimizations for the v1.0.0 release.

Resources

The following resources are available:

• Package documentation.
• Support and general discussions.
• Patches and development related questions.
• Instructions on how to prepare patches.
• Feature requests and bug reports.

---

Released under the MIT License.