For those of you who heed warnings: do not use this anywhere, ever.
xkcdcrypt is a proof-of-concept file encryption tool. The concept it intends to demonstrate, in its own small way, is that human-centered design results in higher-security implementations.
Credential stuffing, password spraying, and brute force are all principally mitigated by not asking users to choose the password from which the encryption key is derived. Instead, an XKCD-style passphrase is randomly generated and printed to the terminal after the encrypted copy is created. You can read more about XKCD-style passphrases in XKCD Explained.
The XKCD-style passphrase and a cryptographically random 128-bit salt are fed to the Argon2 key derivation function to derive a 256-bit key. Argon2 summarizes the state of the art in the design of password cracking resistance. You can read more about Argon2 in the Password Hashing Competition.
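The generation and derivation steps described above, sketched as an added example (not xkcdcrypt's own code). The word list is a constructed 16-word sample, and the Argon2id variant, its cost parameters and the use of the argon2-cffi package are assumptions; the page states only "Argon2", a 128-bit salt and a 256-bit key.

```python
import math
import secrets

# Constructed 16-word sample list; a real tool needs a list of thousands of words.
WORDS = ["correct", "horse", "battery", "staple", "orbit", "maple", "violin",
         "cactus", "lantern", "pebble", "tundra", "walnut", "harbor", "quartz",
         "meadow", "falcon"]

def generate_passphrase(words=WORDS, count=4, sep="-"):
    """Pick `count` words uniformly at random with the OS CSPRNG."""
    if len(set(words)) != len(words):
        raise ValueError("word list contains duplicates; entropy would be overstated")
    return sep.join(secrets.choice(words) for _ in range(count))

def entropy_bits(list_size, count=4):
    """Entropy of a passphrase made of `count` independent uniform picks."""
    return count * math.log2(list_size)

def new_salt():
    """Cryptographically random 128-bit salt, stored beside the ciphertext."""
    return secrets.token_bytes(16)

def derive_key(passphrase, salt):
    """Argon2id -> 256-bit key. Variant and cost parameters are assumptions."""
    from argon2.low_level import Type, hash_secret_raw  # argon2-cffi package
    return hash_secret_raw(
        secret=passphrase.encode("utf-8"), salt=salt,
        time_cost=3, memory_cost=64 * 1024,  # memory_cost is in KiB (64 MiB)
        parallelism=4, hash_len=32, type=Type.ID)

if __name__ == "__main__":
    phrase, salt = generate_passphrase(), new_salt()
    print("Passphrase:", phrase)
    print("Entropy with this sample list: %.0f bits" % entropy_bits(len(WORDS)))
    print("Entropy with a 2048-word list: %.0f bits" % entropy_bits(2048))
    print("Derived key length:", len(derive_key(phrase, salt)) * 8, "bits")
```

The entropy figures show why the list size matters: four words from the 16-word sample give only 16 bits, while four words from a 2048-word list give 44 bits.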
    $ xkcdcrypt.py example.txt
    Passphrase: correct-horse-battery-staple
    example.txt encrypted as example.txt.xc

    $ xkcdcrypt.py example.txt.xc
    Passphrase: <correct-horse-battery-staple>
    example.txt.xc decrypted as example.txt

    $ xkcdcrypt.py example/
    Passphrase: correct-horse-battery-staple
    example encrypted as example.xc

    $ xkcdcrypt.py example.xc
    Passphrase: <correct-horse-battery-staple>
    example.xc decrypted as example