New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
alternative dictionary #9
Comments
surprising in what way? the included word list is Grady Ward's Moby II, which was chosen because it has a very large number of words. note that when using xkcd-password you can pass the path to a newline-delimited list of words (with |
oh also, thanks for the link! this is a good resource to have available. |
Following up on this - the current dictionary contains numerous curse words... for example, "fuck", "shit", etc. Probably not acceptable for a general-usage password generation library. I just had a user complain about an inappropriate password. I'm adding filtering to our app, but would prefer that the word database be cleaned of inappropriate words, or a different dictionary be used. I'll submit a PR with a somewhat-cleaned db eventually, unless you have plans to change the word db anyway... |
@zopf I don't have any plans to change the current dictionary; however, you can instantiate the library to use any wordlist you'd like, so you can control the list you'd like it to use:
The included word list (Grady Ward's Moby II) was chosen because it has a very large number of words available; i didn't want to use a smaller list for the default set. Filtering it could easily lead to bikeshedding (the list of words that your users consider offensive isn't necessarily the list of words that another set of users might consider offensive; there's a lot of things far more offensive to me than "fuck" and "shit", that's for sure), so I just used a preset, and allowed anyone that wanted to filter it to provide their own list. However: the docs absolutely need improvement; it's not at all clear that this is an option in the API. You can also use
That's not so say I wouldn't turn down a PR that used a different list; the grady ward list is deficient in other ways, but I'd like it to be a public-domain and unfiltered list; something that can be downloaded and dropped in, doesn't require any work to maintain, and that has a license which allows its inclusion. |
@zopf I've created a fork-ish of this project at https://github.com/ZaneHannanAU/xkcd-z-password It includes a filter function (where you can filter badwords) but it is a little limited compared to @fardog's implementation. @zopf @wrought https://gist.github.com/ZaneHannanAU/e9c89a44ebc3cd4b4a58e0a8a9ad06cf includes a simple filter which should remove some of the included badwords. |
@zopf @wrought ZaneHannanAU/xkcd-z-password-nobad extends the previous xkcd-z-password 👍 https://github.com/ZaneHannanAU/xkcd-z-password-nobad |
got some surprising passwords generated using this library... might want to check the terms that are inside it.
Here are some alternatives: https://en.wiktionary.org/wiki/Wiktionary:Public_domain_sources
The text was updated successfully, but these errors were encountered: