AnyHotPass is a password library that produces passwords similar to the Safari suggested password feature on iOS devices. It also borrows ideas from SuperGenPass that generates password for a website from a master password and the domain of the site. This allows the user to have a unique password for every website, while still only having to remember the one master password.
npm install anyhotpass-lib
;// A string containing the user's master password.const masterPassword = 'master-password';// Domain of the site password is generated forconst domain = 'example.com';// Length of the password. This does not include the dashes every 6 characters, Total length for 18 characters is 20.const length = 18;// Generate the password.const password = ;
AnyHotPass tries to replicate the password format of the suggested passwords generated by Safari in iOS. Some examples of passwords are:
jixnic-6kehte-Nitryx cavzep-haxNic-5bymxe nihvit-3visde-Tyqvet Lexbos-womnur-tegde1
These passwords are attractive because they resemble words, and are almost pronouncable.
The password rules I have observed from studying iOS generate passwords are:
- There are groups of 3 characters (trigraphs) consisting of a consonant, vowel (plus y) and consonant
- Pairs of trigraphs are then separated by dashes
- iOS suggested passwords are 20 characters long, including the dashes
- One uppercase letter
- Uppercase letter can occur anywhere (see rule 10)
- One number
- The password cannot start with a number
- The number can be at the start of a 6 character group, shifting the other characters forward meaning the group will end in a vowel
- The number can also occur at the end of a 6 character group, replacing the final consonant.
- The number and uppercase letter cannot be in the same 6 character group
- The following letters are not allowed:
['O', 'l', 'L']
I have adhered to the rules above except that I am allowing
npm test or simply
Dependencies and license
This library relies heavily on the ideas behind SuperGenPass.