Simply wanted a quick way to generate memorable passwords from the command line.
# on ubuntu sudo apt install build-essential libsodium-dev git clone https://git.sr.ht/~voidraven/xpg cd xpg make && sudo make install # creates ~/.xpg/dict.txt (the default dictionary location) # if you want to build a debug version make debug # if you want to build an optimized version make opt
Check out the Releases page..
xpg # use default settings xpg -c snake # use snake_case xpg -c pascal # use PascalCase xpg -c camel # use camelCase xpg -c lisp # use lisp-case xpg -w 12 # specify 12 words to be used xpg -n 6 -w 12 # create 6 passwords each using 12 words
The default settings are meant to be sane and secure. None of the settings will degrade the security of your passwords, they simply cater to your personal preference.
The random number generator used is from libsodium, a new and strong crypto library. The RNG is also seeded by libsodium in the proper fashion. The reasoning behind choosing libsodium is that it is quickly installed via most unix package managers, therefore most people either already have it installed, or can install it easily. I wanted to use only standard library features, but couldn't find a safe way to to so.
There has been much online debate regarding the safety of using this scheme. There is enough evidence to show that as long you are using passwords in a safe manner you will be safe using this scheme. This means using a password manager, and not using one password for all your different logins. You can read some of the arguments for and against the scheme here, here, and here. If you are looking for a good password manager, I suggest pass.
Feel free to send me suggestions for improving the security of this application. I'm open to being shown where there are errors.
Free and Open Source software and the help of the church of Emacs ;)
There are a number of alternate dictionaries provided. The initial one I used, although large, contained many hard to remember or pronounce medical words. I have recently replaced the default dictionary to be a more friendly one. These dictionaries can be found in ./include/dict/ Currently only ASCII english dictionaries are provided. I provide more than one dictionary to make things more difficult on a potential attacker. If you wish to change the dictionary, simply place one of these as ~/.xpg/dict.txt
BSD 3-Clause; See LICENSE.md.
Please use a secure password manager.