diff --git a/README.md b/README.md index 44e11c4..dd44c3c 100644 --- a/README.md +++ b/README.md @@ -10,7 +10,7 @@ For **Python 3.6+**, it's currently based on the security of Python's [Lib/secre It also makes use of the [EFF Large Wordlist](https://www.eff.org/es/document/passphrase-wordlists) as words reference for passphrases. -A secure passphrase must be of at least 5 words, but 7 is better, and maybe you can add a random number to the list. If you need a password, make it bigger than 8 characters (NIST's latest recommendation), and preffer more than 12 (I recommend 16 or more). Passwords are comprised of digits, upper and lower case letters and punctuation symbols - more specifically: `ascii_letters`, `digits` and `punctuation` from [Lib/string](https://docs.python.org/3.6/library/string.html#string-constants) -. +A secure passphrase must be of at least 6 words, but 7 is better, and maybe you can add a random number to the list. If you need a password, make it bigger than 8 characters (NIST's latest recommendation), and preffer more than 12 (I recommend 16 or more). Passwords are comprised of digits, upper and lower case letters and punctuation symbols - more specifically: `ascii_letters`, `digits` and `punctuation` from [Lib/string](https://docs.python.org/3.6/library/string.html#string-constants) -. ## Requirements @@ -37,11 +37,11 @@ To install requirements, use pip: `pip3 install -r requirements.txt`. Check the [man page](man/passphrase.md) for more information. -#### Generate a passphrase of 5 words (default settings) +#### Generate a passphrase of 6 words (default settings) ``` :~$ passphrase -trophy affiliate clobber vivacious aspect +trophy affiliate clobber vivacious aspect thickness ``` #### Generate a passphrase of 6 words and a number (minimum recommended) diff --git a/man/passphrase.1 b/man/passphrase.1 index 56dc3db..c198c76 100644 --- a/man/passphrase.1 +++ b/man/passphrase.1 @@ -1,5 +1,5 @@ .\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.47.4. -.TH PASSPHRASE "1" "September 2017" "Passphrase v0.2.1" "Passphrase" +.TH PASSPHRASE "1" "September 2017" "Passphrase v0.2.3-1" "Passphrase" .SH NAME Passphrase \- Tool to generate cryptographically secure passphrases and passwords .SH DESCRIPTION @@ -7,13 +7,13 @@ usage: passphrase.py [\-h] [\-\-version] [\-q] [\-p [PASSWORD]] [\-w WORDS] .IP [\-n NUMBERS] [\-s SEPARATOR] [\-o OUTPUT] [\-i INPUT] [\-d] .PP -Passphrase v0.2.1 \- Copyright HacKan (https://hackan.net) GNU GPL v3.0+. +Passphrase v0.2.3-1 \- Copyright HacKan (https://hackan.net) GNU GPL v3.0+. .PP Generates a cryptographically secure passphrase, based on a wordlist, or a password, and prints it to standard output. By default, it uses an embedded EFF Large Wordlist for passphrases. -Passphrases with less than 5 words are considered insecure. A safe bet is -between 5 and 7 words, plus at least a number. +Passphrases with less than 6 words are considered insecure. A safe bet is +between 6 and 7 words, plus at least a number. For passwords, use at least 8 characters, but prefer 12 or more. .PP Instead of words and numbers, a password (random string of printable @@ -24,7 +24,7 @@ single column, one word per line. If \fB\-d\fR | \fB\-\-diceware\fR is used, the file is treated as a diceware wordlist (two columns). Optionally, \fB\-o\fR | \fB\-\-output\fR can be used to specify an output file (existing file is overwritten). -The number of words is 5 by default, but it can be changed by \fB\-w\fR | \fB\-\-words\fR. +The number of words is 6 by default, but it can be changed by \fB\-w\fR | \fB\-\-words\fR. The number of numbers is 0 by default, but it can be changed by \fB\-n\fR | \fB\-\-numbers\fR. The generated numbers are between 0 and 999999. The default separator is a blank space, but any character or character diff --git a/man/passphrase.md b/man/passphrase.md index cb07b2c..f5edc20 100644 --- a/man/passphrase.md +++ b/man/passphrase.md @@ -12,12 +12,12 @@ usage: passphrase.py \[-h\] \[--version\] \[-q\] \[-p \[PASSWORD\]\] \[-n NUMBERS\] \[-s SEPARATOR\] \[-o OUTPUT\] \[-i INPUT\] \[-d\] -Passphrase v0.2.1 - Copyright HacKan (https://hackan.net) GNU GPL v3.0+. +Passphrase v0.2.3-1 - Copyright HacKan (https://hackan.net) GNU GPL v3.0+. Generates a cryptographically secure passphrase, based on a wordlist, or a password, and prints it to standard output. By default, it uses an embedded EFF Large Wordlist for passphrases. Passphrases with less than -5 words are considered insecure. A safe bet is between 5 and 7 words, +6 words are considered insecure. A safe bet is between 6 and 7 words, plus at least a number. For passwords, use at least 8 characters, but prefer 12 or more. @@ -28,7 +28,7 @@ specified by **-i** | **--input**, the format must be: single column, one word per line. If **-d** | **--diceware** is used, the input file is treated as a diceware wordlist (two columns). Optionally, **-o** | **--output** can be used to specify an output file (existing file is -overwritten). The number of words is 5 by default, but it can be changed +overwritten). The number of words is 6 by default, but it can be changed by **-w** | **--words**. The number of numbers is 0 by default, but it can be changed by **-n** | **--numbers**. The generated numbers are between 0 and 999999. The default separator is a blank space, but any diff --git a/src/passphrase.py b/src/passphrase.py index d8ebc52..72f4272 100755 --- a/src/passphrase.py +++ b/src/passphrase.py @@ -7790,11 +7790,11 @@ ) MAX_NUM = 999999 -WORDS_AMOUNT_MIN_DEFAULT = 5 +WORDS_AMOUNT_MIN_DEFAULT = 6 NUMS_AMOUNT_MIN_DEFAULT = 0 PASSWD_LEN_MIN_DEFAULT = 8 -VERSION = '0.2.3' +VERSION = '0.2.3-1' def print_error(string: str) -> None: @@ -7884,8 +7884,9 @@ def generate_password(length: int) -> str: 'Generates a cryptographically secure passphrase, based on ' 'a wordlist, or a\npassword, and prints it to standard output.\n' 'By default, it uses an embedded EFF Large Wordlist for passphrases.\n' - 'Passphrases with less than 5 words are considered insecure. ' - 'A safe bet is \nbetween 5 and 7 words, plus at least a number.\n' + 'Passphrases with less than {wordsamountmin} words are considered ' + 'insecure. A safe bet is \nbetween {wordsamountmin} and 7 words, ' + 'plus at least a number.\n' 'For passwords, use at least {passwdmin} characters, but prefer ' '{passwdpref} or more.\n\n' 'Instead of words and numbers, a password (random string of '