Skip to content
This repository


Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Secure random passwords in javascript

branch: master

Fetching latest commit…


Cannot retrieve the latest commit at this time

Octocat-spinner-32 js just host stuff locally May 10, 2012
Octocat-spinner-32 txt
Octocat-spinner-32 LICENSE
Octocat-spinner-32 blank
Octocat-spinner-32 cache.manifest
Octocat-spinner-32 fusionbox.gif
Octocat-spinner-32 index.html

Mouseware uses a cryptographically secure random number generator based on your mouse movements to generate secure, memorable passwords. Passwords are generated entirely in the browser, no data is ever sent over the network. The generated passphrases are similar to those generated by Diceware or popularized by xkcd, with an emphasis on easy memorization.

We use SHA256 to process the location and timestamp of every mousemove event. Random words are then selected from noun, adjective and verb word lists to construct a random sentence. Shannon entropy is reported to estimate password strength. To avoid a time-consuming mouse moving session on every page load, we use localStorage to store a seed and initialize our internal entropy buffer with it on the next load.

To increase entropy when desired, options to replace a randomly chosen letter with a number or symbol are given. Entropy calculation takes these into account, and increases the reported entropy by the logarithm of the number of letters considered for replacement.

Something went wrong with that request. Please try again.