-
Notifications
You must be signed in to change notification settings - Fork 46
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add possibility to generate many passphrases. #53
Comments
Hey @translit , sorry for not answering such a long time! I simply got no good excuse. You might have something in mind like the Therefore it would be great, if you could tell a bit about use-cases you have in mind. |
Of course. Generating many passphrases will help me choose the one I like. I can, of course, just do |
Uh, picking the nicest password? This way you reduce the entropy of your passwords, as explained - for instance - here: https://blog.webernetz.net/password-strengthentropy-characters-vs-words/ (please see the "Problems With Passphrases" section near the end). I don't think this is a good reason for adding batch-functionality, sorry. Is there any other use-case? |
Oh. I see Uli. Let's forget it then. |
Happy new year! I'd like to reopen the possibility for this use-case @ulif I agree with @translit that generating N number of phrases can be very useful. I'll give a hypothetical example:
I run the following command:
Which generates (by some bad luck) the following:
Oops! I can't look him in the face and tell him your new password is So, in this case, it would have been great if I could have instead run something like
And received the following output to choose a more appropriate one:
😊 |
I wrote a small wrapper around the Python package to implement this for now.
Setuppip install diceware Script
Example$ pwgen-dw.py -i 5 -n 3
SpongyWashroomEmu
BuddhismMantisParmesan
ArrayImpedingSkeletal
ChubbyChapsHuddle
EtchingSwarmGatherer |
Hi Luke, thanks for using I am afraid your "new" use case does not convince me very much. While I would not generally oppose such loop functionality, I am still a bit reluctant. Still for the same reasons as above. Your bad-words argument looks a bit like the simplicity argument in the posting I linked above. It is only instead of simple terms your boss prefers decent terms. An attacker could use this to try only the decent combinations and leave out all combinations with "lazy" (or try them later). Your use case might be solved better by using a better suited word list. Furthermore, @translit gave a one-liner above, that looks much easier (and in no way clumsy) to handle than a big complicated script:
That looks pretty elegant to me. Simple, readable, and doing what it is supposed to do, doesn't it? If you prefer a script that supports passing the usual arguments:
or something similar might help. Save this as ndiceware.sh make it executable and you can do:
to get nearly the same results as your Python gist above. This won't, however, work well with interactive modes of operation: feeding a word list from Anyway, I do not oppose completely. The real problem might be, that I am, like your boss, a lazy person. Implementing a loop functionality is doable, of course. But it would require (meanwhile) to cover a lot of edge cases, many related to interactive behaviour. Therefore I might welcome respective PRs. But for now I would push up other issues first, that convinced me already. Standard config file locations, for instance. For that, I ask for your understanding. Please do not hesitate to make further suggestions! |
Thank you for thinking about it @ulif I understand your viewpoint. In the end if I couldn't convince you, then so be it. I scratched my itch with the script so—we can both walk away happy I suppose. Maybe I should back up a step: the reason I dove down this rabbit hole in the first place was because I was using the simple bash shell loop method you suggest above, and on my older systems it was painfully slow (each iteration has to warm up the python environment, do the imports, etc). I finally got annoyed enough that I decided to try to optimize it. I just tested my python wrapper vs. a shell loop for 20 iterations on my main system (an M1 Mac Mini) and got this result:
I'll take that 13x speedup any day. 🚀 |
If i want to generate a bunch of passwords for multiple clients it would be great to have a feature to do this in diceware itself (without needing another script). |
This is indeed true, @luckman212. Calling diceware several times really takes too much time. Unfortunately my sparetime still is pretty rare. Therefore I cannot promise to finish the multi-phrases-output very soon. But it is now on my todo-list. |
Hey Uli. Just discovered your great software. Thanks so much for it.
One function I'm unable to find is the possibility to generate many passphrases at the same time. Is it there? If not, would it be a good idea to add it?
The text was updated successfully, but these errors were encountered: