Add possibility to generate many passphrases.

[translit]

Hey Uli. Just discovered your great software. Thanks so much for it.

One function I'm unable to find is the possibility to generate many passphrases at the same time. Is it there? If not, would it be a good idea to add it?

[ulif]

Hey @translit , sorry for not answering such a long time! I simply got no good excuse.

You might have something in mind like the pwgen functionality? I am currently not sure, why people need that and have never seen someone making use of it. But that does of course not mean that the use case does not exist at all.

Therefore it would be great, if you could tell a bit about use-cases you have in mind.

[translit]

Of course. Generating many passphrases will help me choose the one I like. I can, of course, just do for run in {1..10}; do diceware; done but that's kind of clunky.

[ulif]

Uh, picking the nicest password? This way you reduce the entropy of your passwords, as explained - for instance - here: https://blog.webernetz.net/password-strengthentropy-characters-vs-words/ (please see the "Problems With Passphrases" section near the end).

I don't think this is a good reason for adding batch-functionality, sorry.

Is there any other use-case?

[translit]

Oh. I see Uli. Let's forget it then.

[luckman212]

Happy new year! I'd like to reopen the possibility for this use-case @ulif I agree with @translit that generating N number of phrases can be very useful.

I'll give a hypothetical example:

• I want to use diceware to generate a password for my boss
• My boss is generally a lazy person

I run the following command:

diceware -c -n2

Which generates (by some bad luck) the following:

LazyManager

(these are both present in the default wordlist_en_eff.txt)

Oops! I can't look him in the face and tell him your new password is LazyManager

So, in this case, it would have been great if I could have instead run something like

diceware -c -n2 -i 5

And received the following output to choose a more appropriate one:

DeltaWashstand
UnrentedReabsorb
WashtubBanker
LazyManager
BoxlikeUndoing

😊

[luckman212]

I wrote a small wrapper around the Python package to implement this for now.

If you're using a virtualenv instead of a globally-installed diceware, replace the shebang with the path to the python inside the venv

Setup

pip install diceware

Script

• see gist
• save as e.g. pwgen-dw.py
• use the new -i N parameter to specify # of iterations

Example

$ pwgen-dw.py -i 5 -n 3
SpongyWashroomEmu
BuddhismMantisParmesan
ArrayImpedingSkeletal
ChubbyChapsHuddle
EtchingSwarmGatherer

[ulif]

Hi Luke, thanks for using diceware and for the good wishes. I wish you a happy new year as well :)

I am afraid your "new" use case does not convince me very much. While I would not generally oppose such loop functionality, I am still a bit reluctant. Still for the same reasons as above.

Your bad-words argument looks a bit like the simplicity argument in the posting I linked above. It is only instead of simple terms your boss prefers decent terms. An attacker could use this to try only the decent combinations and leave out all combinations with "lazy" (or try them later).

Your use case might be solved better by using a better suited word list.

Furthermore, @translit gave a one-liner above, that looks much easier (and in no way clumsy) to handle than a big complicated script:

$ for n in {1..5}; do diceware -n 3 -c; done

That looks pretty elegant to me. Simple, readable, and doing what it is supposed to do, doesn't it? If you prefer a script that supports passing the usual arguments:

#!/bin/sh
for n in {1..$1}; do diceware ${@:2}; done

or something similar might help. Save this as ndiceware.sh make it executable and you can do:

$ ndiceware 5 -n 3 -c

to get nearly the same results as your Python gist above.

This won't, however, work well with interactive modes of operation: feeding a word list from stdin, using real dice and enter their numbers during runtime, etc.

Anyway, I do not oppose completely. The real problem might be, that I am, like your boss, a lazy person. Implementing a loop functionality is doable, of course. But it would require (meanwhile) to cover a lot of edge cases, many related to interactive behaviour.

Therefore I might welcome respective PRs. But for now I would push up other issues first, that convinced me already. Standard config file locations, for instance.

For that, I ask for your understanding. Please do not hesitate to make further suggestions!

[luckman212]

Thank you for thinking about it @ulif

I understand your viewpoint. In the end if I couldn't convince you, then so be it. I scratched my itch with the script so—we can both walk away happy I suppose.

Maybe I should back up a step: the reason I dove down this rabbit hole in the first place was because I was using the simple bash shell loop method you suggest above, and on my older systems it was painfully slow (each iteration has to warm up the python environment, do the imports, etc). I finally got annoyed enough that I decided to try to optimize it.

I just tested my python wrapper vs. a shell loop for 20 iterations on my main system (an M1 Mac Mini) and got this result:

$ hyperfine 'for c in {1..20}; do diceware -n 2; done' 'pwgen-dw.py -i 20 -n 2'
...
Summary
  'pwgen-dw.py -i 20 -n 2' ran
   13.33 ± 0.04 times faster than 'for c in {1..20}; do diceware -n 2; done'

I'll take that 13x speedup any day. 🚀

[qwertz44]

If i want to generate a bunch of passwords for multiple clients it would be great to have a feature to do this in diceware itself (without needing another script).

[ulif]

This is indeed true, @luckman212. Calling diceware several times really takes too much time.

Unfortunately my sparetime still is pretty rare. Therefore I cannot promise to finish the multi-phrases-output very soon. But it is now on my todo-list.