Module: Pwqgen

Defined in:
lib/pwqgen/pwqgen.rb,
lib/pwqgen/version.rb,
lib/pwqgen/wordlist.rb

Overview

Private: Stolen from EFF’s 7,776 wordlist. www.eff.org/deeplinks/2016/07/new-wordlists-random-passphrases

Our first new list matches the original Diceware list in size (7,776 words (6^5)), offering equivalent security for each word you choose. However, we have fixed the above problems, resulting in a list that is hopefully easy to type and remember.

We based our list off of data collected by Ghent University’s Center for Reading Research. The Ghent team has long studied word recognition; you can participate yourself in their online quiz to measure your English vocabulary. This list gives us a good idea of which words are most likely to be familiar to English speakers and eliminates most of the unusual words in the original Diceware list. This data also includes “concreteness” ratings for each word, from very concrete words (such as screwdriver) to very abstract words (such as love).

We took all words between 3 and 9 characters from the list, prioritizing the most recognized words and then the most concrete words. We manually checked and attempted to remove as many profane, insulting, sensitive, or emotionally-charged words as possible, and also filtered based on several public lists of vulgar English words (for example this one published by Luis von Ahn). We further removed words which are difficult to spell as well as homophones (which might be confused during recall). We also ensured that no word is an exact prefix of any other word.

The result is our own list of 7,776 words [.txt] suitable for use in dice-generated passphrases. The words in our list are longer (7.0 characters) on average, than Reinhold’s Diceware list (4.3 characters). This is a result of banning words under 3 characters as well as prioritizing familiar words over short but unusual words.

Note that the security of a passphrase generated using either list is identical; the differences are in usability, including memorability, not in security. For most uses, we recommend generating a six-word passphrase with this list, for a strength of 77 bits of entropy. (“Bits of entropy” is a common measure for the strength of a password or passphrase. Adding one bit of entropy doubles the number of guesses required, which makes it twice as difficult to brute force.) Each additional word will strengthen the passphrase by about 12.9 bits.
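The entropy figures and the prefix-free property described above, worked through as an added example. This is not code from the pwqgen gem or from EFF; the function names and the two sample word lists are hypothetical and constructed for illustration.

```ruby
require "securerandom"

EFF_LIST_SIZE = 7776 # 6**5: five dice rolls select one word

# Bits of entropy in `words` words drawn uniformly and independently.
def passphrase_entropy_bits(words, list_size = EFF_LIST_SIZE)
  words * Math.log2(list_size)
end

# Smallest word count whose entropy reaches `target_bits`.
def words_needed(target_bits, list_size = EFF_LIST_SIZE)
  (target_bits / Math.log2(list_size)).ceil
end

# Adjacent pairs in sorted order where the first word is a prefix of (or equal
# to) the second. Words sharing a prefix `a` sort in one run right after `a`,
# so an empty result means the list is prefix-free and has no duplicates.
def prefix_collisions(wordlist)
  wordlist.sort.each_cons(2).select { |a, b| b.start_with?(a) }
end

# Draws words with SecureRandom.random_number, which returns a uniform
# integer in 0...n from the system CSPRNG (no modulo bias).
def draw_words(wordlist, count)
  Array.new(count) { wordlist[SecureRandom.random_number(wordlist.size)] }
end

# Constructed sample lists, not taken from the EFF file.
SAMPLE_OK  = %w[atomic bread crisp ember hull loyal].freeze
SAMPLE_BAD = %w[gate gateway hull].freeze

if __FILE__ == $PROGRAM_NAME
  puts format("1 word : %.1f bits", passphrase_entropy_bits(1))
  puts format("3 words: %.1f bits (words only)", passphrase_entropy_bits(3))
  puts format("6 words: %.1f bits", passphrase_entropy_bits(6))
  puts "words for 128 bits: #{words_needed(128)}"
  puts "collisions: #{prefix_collisions(SAMPLE_BAD).inspect}"
  puts draw_words(SAMPLE_OK, 6).join(" ")
end
```

Three words, the default `length` documented below, contribute about 38.8 bits from word choice alone. Whatever the separators and capitalization add depends on how the gem selects them, which this page does not show.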

Defined Under Namespace

Classes: Generator

Constant Summary

VERSION =
"0.1.0"

Class Method Summary

Class Method Details

.generate(length = 3) ⇒ Object

Public: Returns a random generated password string.

length - number of words used to create the passphrase.

Example

Pwqgen.generate 2 # => "Loyal8atomic"

Pwqgen.generate # => "Gate*Abound&hull"

Returns a password string.



# File 'lib/pwqgen/pwqgen.rb', line 36

def self.generate(length = 3)
	self::Generator.new.generate length
end

.new ⇒ Object



# File 'lib/pwqgen/pwqgen.rb', line 40

def self.new
	self::Generator.new
end