Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Generate nice passwords
Ruby
branch: master

Fetching latest commit…

Cannot retrieve the latest commit at this time

Failed to load latest commit information.
lib
rails
spec
.gitignore
.rspec
Gemfile
MIT-LICENSE
README.rdoc
Rakefile
VERSION
nice_password.gemspec

README.rdoc

NicePassword

NicePassword creates easy-to-remember but still somewhat secure passwords by mixing common words from a “safe” dictionary with random numbers. The password is easier to read and to remember than purely random strings of letters and numbers, making it “nicer” on users. NicePassword is ideal whenever you need Rails to auto-generate a password for a user–such as after the user clicks a “send me a new password” link or as a “suggested password” on a password edit page.

Examples of NicePasswords:

campaign34bone
parent492wheat
orbit8low5mix

The dictionary contains a list of words which are reasonably safe for use in a corporate environment. For example, besides omitting obscene and slang words, words such as 'kill' and 'hate' are excluded.

Usage

To generate a password just call NicePassword.new.

> NicePassword.new
# => basic34lesser

Options that can be passed when creating a new NicePassword include:

  • :length - total number of characters, default is 12

  • :words - total number of words, between 1-4, default is 2

  • :digits - number of digits between each word (not the total number), default is 2

  • :language - abbreviation for language to use for the words, default is 'en' (English)

  • :dictionary - a custom dictionary (as an array) to use instead of the default dictionaries

    > NicePassword.new(:language => 'fr', :length => 16, :words => 3, :digits => 3) # => été826gris641rue

Languages and Dictionaries

The included dictionaries are:

  • English: 'en'

  • French: 'fr'

  • Spanish: 'es'

English is the default language. You can set a different default language using:

NicePassword.default_language = 'fr'

Or you can choose a language on a case-by-case basis by passing in the language abbreviation as the value to the :language option (see Usage above).

If you want to use your own dictionary (either with custom words or for another language), you just pass in an array of words as the value to the :dictionary option. You will want to make sure that your dictionary has several words of each length and includes single letters.

Security

NicePassword passwords are not as secure as a random string would be–that is obvious. However, they are much more secure than the passwords most users pick on their own.

Random strings are hard to remember, easy to mistype and increase the likelihood that a user will switch to a very weak password at the first opportunity. Because NicePasswords are much easy to remember, a user is more likely to keep them. If they still opt to switch to a stronger or weaker password, then you are no worse off, but provided a better user experience.

The inclusion of digits between the dictionary words is intended to make a brute force dictionary attack much harder. Increasing the number of digits between words, or the number of words with digits between them, will increase the security strength of the password.

Info

Authors: Kevin Skoglund & Matthew Bergman, Nova Fabrica, Inc.

License: Copyright 2010 by Kevin Skoglund. released under the attached MIT-LICENSE.

GitHub: github.com/novafabrica/nice_password/tree/master

Bug Reports and Feedback

Bug reports should be submitted at github.com/novafabrica/nice_password/issues

Other feedback is welcomed at info@novafabrica.com

Warranty

This software is provided “as is” and without any express or implied warranties, including, without limitation, the implied warranties of merchantability and fitness for a particular purpose.

Something went wrong with that request. Please try again.