Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Scripts and sources for password generation, etc.
C
branch: master

Fetching latest commit…

Cannot retrieve the latest commit at this time

Failed to load latest commit information.
.gitignore
LICENSE.txt minor text change
README.md
mkpasswd.c

README.md

mkpasswd

generate passphrases with [a promise of] 66 bits of entropy

mkpasswd generates high-entropy, six-word passphrases in CamelCase

Installation

mkpasswd is a straightforward compile:

cc -O0 -o mkpasswd mkpasswd.c

Usage

usage: mkpasswd [-dsh]
  -h : print this message
  -d : delimit words with dashes
  -s : delimit words with spaces
  (default) : no delimiters

Examples

No arguments:

mkpasswd
GeldAreAltoCityBangFee

Generate a passphrase with dashes as delimiters:

mkpasswd -d
Size-Dame-Sits-Folk-Lind-Red

Generate a passphrase with spaces as delimiters:

mkpasswd -s
Coda Beak Sick Hymn Tote Dusk

History

mkpasswd was inspired by the babble strings produced by the original Bellcore S/Key OTP generator; however, its purpose is merely to produce passwords with a promise of 66 bits of entropy (in the default configuration). The dictionary differs from the original in that only 3- and 4-letter words are used. The security of the passphrases generated is reducible to the security of the underlying system RNG (e.g., /dev/random). Six words are selected at random from a dictionary of 2048 words, yielding 2^66 possible passphrases.

To make passphrases more legible, the -s option inserts spaces, and the -d option inserts dashes. It is up to the user whether to include these.

Caveats

Since the common Linux implementation of /dev/random blocks, a conditional compile for Linux has the program use /dev/urandom. This may reduce the security of passwords. On FreeBSD and OS X /dev/random is of a different design, using a 256-bit variant of Yarrow when no hardware RNG is present, with support for hardware RNGs if available.

Something went wrong with that request. Please try again.