Nascent Personality Manifestation
Miss any of our Open RFC calls?Watch the recordings here! »

anyhotpass-lib

1.0.2 • Public • Published

anyhotpass-lib

AnyHotPass is a password library that produces passwords similar to the Safari suggested password feature on iOS devices. It also borrows ideas from SuperGenPass that generates password for a website from a master password and the domain of the site. This allows the user to have a unique password for every website, while still only having to remember the one master password.

NPM module

npm install anyhotpass-lib

Usage

import generate from 'anyhotpass-lib';
 
// A string containing the user's master password.
const masterPassword = 'master-password';
 
// Domain of the site password is generated for
const domain = 'example.com';
 
// Length of the password. This does not include the dashes every 6 characters, Total length for 18 characters is 20.
const length = 18;
 
// Generate the password.
const password = generate(masterPassword, domain, length);

Password format

AnyHotPass tries to replicate the password format of the suggested passwords generated by Safari in iOS. Some examples of passwords are:

jixnic-6kehte-Nitryx
cavzep-haxNic-5bymxe
nihvit-3visde-Tyqvet
Lexbos-womnur-tegde1

These passwords are attractive because they resemble words, and are almost pronouncable.

The password rules I have observed from studying iOS generate passwords are:

  1. There are groups of 3 characters (trigraphs) consisting of a consonant, vowel (plus y) and consonant
  2. Pairs of trigraphs are then separated by dashes
  3. iOS suggested passwords are 20 characters long, including the dashes
  4. One uppercase letter
  5. Uppercase letter can occur anywhere (see rule 10)
  6. One number
  7. The password cannot start with a number
  8. The number can be at the start of a 6 character group, shifting the other characters forward meaning the group will end in a vowel
  9. The number can also occur at the end of a 6 character group, replacing the final consonant.
  10. The number and uppercase letter cannot be in the same 6 character group
  11. The following letters are not allowed: ['O', 'l', 'L']

I have adhered to the rules above except that I am allowing 'L'.

Tests

Run npm test or simply jest

Dependencies and license

Hash functions are provided by crypto-js. All original code is released under the GPLv2.

Thanks

This library relies heavily on the ideas behind SuperGenPass.

Install

npm i anyhotpass-lib

DownloadsWeekly Downloads

0

Version

1.0.2

License

GPL-2.0

Unpacked Size

38.7 kB

Total Files

15

Last publish

Collaborators

  • avatar