xkcdpass - secure passwords for transport

Passwords are problematic. Always. Especially during COVID-19 - were you have to securely transport data via insecure means. What I want to say: Sending confidential data via email. Actually, thats quite easy: (7)-zip everything with AES256 using a long enough key - transfer the key via additional, more secure lines of communication (e.g. phone) and you are ok for the most part.

However, spelling %-FoPN#~OeJQ0h9g3_JWrvnq9h^ip))srzg{\vnj via phone is "a bit cumbersome". Thats the moment you recall Randall Munroe's xkcd #936 Password strength:

And with this basic idea, xkcdpass was born. It can generate passwords from multiple dictonary entries, seperated by some symbols and generate things like showcase surging swoosh bakeshop smoked duffel - and you can also tweek the settings to change the amount of words used, length, delimters, etc.

It is written in python and can be installed via a quick pip install xkcdpass and then used with the command line paramter xkcdpass

All infos are in the Git repo found here.

Long enough sentences are good enough - and are awesome as "transfer keys" to secure the real data.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.