Skip to content

Crypt-HSXKPasswd-v3.3.1 BETA 3

Choose a tag to compare
@bbusschots bbusschots released this 12 Jul 23:11
· 36 commits to master since this release

This is the third, and hopefully final, BETA release of the re-named Crypt::HSXKPasswd (was

This release contains just one bug fix:

  1. There was a subtle error in how the entropy was calculated for the worst-case scenario (where attackers know both the configuration and word source used). Unfortunately the bug caused the module to overestimate the entropy. Because if this, some presets had to be altered after the bug was fixed to keep them below the entropy warning thresholds. This proved impossible for the WEB16 preset, so it has now issues a warning in the same way the NTLM preset does.

This release contains a number of enhancements to the core module:

  1. Control over entropy warnings has been greatly improved. Previously warnings were controlled by specifying which warnings to suppress, this is inverse to how most humans think, and hence very confusing. The logic has now been reversed, and the module config variable re-named to reflect the new logic.
  2. The ALTERNATE case transform now randomises the case of the first word, and then alternates from there. This adds a little more entropy, and makes more sense than having it always be the same IMO.

This release contains significant updates to the hsxkpasswd terminal command:

  1. Support for hsxkpasswdrc files has been added. These config files allow users of the terminal command store custom presets, and set other default values. the --rcfile option can be used to specify the path to a specific rc file, but by default ~/.hsxkpasswdrc is used. The --test-rcfile option can be used to help debug rc files.
  2. The -w and -warn options were added to allow control of the entropy warnings when using the terminal command

There are no more outstanding features targeted for the first stable release of the renamed module.