Password generator combining actual words

Question

I got inspired by this xkcd webcomic:

The topic is also discussed here: https://www.ted.com/talks/lorrie_faith_cranor_what_s_wrong_with_your_pa_w0rd

Now I wonder:
How can I create a password out of four random dictionary words without using the internet?

score 6 · Answer 1 · answered Nov 15 '17 at 20:48

6

Locally installed dictionaries are stored in /usr/share/dict/, for example:

$ ls -1 /usr/share/dict/
american-english
british-english                                                                                                          
cracklib-small                                                                                                             
README.select-wordlist                                                                                                  
words                                                                                                                    
words.pre-dictionaries-common

Here the first two are interesting, those dictionaries are simple word lists with one word per line. We can use shuf to output 4 random lines from one of them (and awk to replace newlines with spaces):

shuf -n4 /usr/share/dict/american-english | awk NF=NF RS= OFS=' '

Here's some example output:

contributions autumn's catalepsy's hemline's
footlights Levi's awfuller rascals
fogies flavoring preregistering requital's
Coleman's cartel halfpennies Williamson
étude's maintainers reviler's dapperest
pizazz Galahads McDowell derby
corroborate bureaucracies anchovy meager
filet Tawney feudalistic backstabbing
Beatriz sitcom surpasses guttural's
warehouse's unfamiliarity's Ashlee's sanguinary

answered Nov 15 '17 at 20:48

dessert

39,982

Or you can use and actual paper edition dictionary or any other book, open it in a random page and drop a pen ballpoint down. There's your first word. Repeat 3 more times. You can use the same method to write dadaist poetry. – Nov 15 '17 at 22:42
This is a very easy way to generate random words, but I would check carefully, that shuf is using a good random generator before letting it create my passwords; 2. If shuf is good, I would still prefer a word list, that is made for this purpose, for example the default list of xkcdpass or the custom word list from https://help.ubuntu.com/community/StrongPasswords#Custom_word_list

sudodus

Nov 16 '17 at 14:55

I made a shellscript that prunes the files in your computer, so that they work better with the xkcd method. See my edited answer and compare with the results from the original files. – sudodus Nov 17 '17 at 20:05

@sudodus So no feudalistic backstabbing? Thank you very much for working so hard on this, the pruner is great! It's a pity xkcdpass doesn't allow (truly) custom wordlists… – dessert Nov 17 '17 at 20:24

You are welcome. I enjoy cooperating with you :-) No feudalistic backstabbing and no étude's after pruning :-D ; I can use xkcdpass with the option -w like so: for i in *pruned*; do echo "$i:";xkcdpass -w "$i";echo "-----";done and of course add other options too, to get more precisely the format I want. – sudodus Nov 17 '17 at 20:31

@sudodus That's a case of RTFM, in fact I did know the option, but thought it would only allow the provided wordlists… facepalm – dessert Nov 17 '17 at 20:41

score 4 · Accepted Answer · edited Jun 12 '20 at 14:37

The computer aspect

Use a method, that provides sufficient randomness alias entropy, often measured in bits.

Accept the first offered choice from the random process. Otherwise the entropy decreases (often more than you would think), and your security level will be lower.

The human aspect

Considering the human aspect it is important that you can

accept
remember
spell

the words in the password/passphrase.

In order to preserve randomness, entropy, it is very important the you accept the first offered choice, and the word list can make a difference.

Using a big word-list provides more entropy per word, but chances are that you or users in the group, whose IT security you are managing, refuse to use the first offered password/passphrase. Your name, city or other personal data might be selected from the word list in an extremely rare case, but more often you might be offended by a political, ethnical, religious, sexual or generally rude word. Of course, if you like such words, you can add them to your own word list ;-) but don't force them onto other people.

It will make it easier to accept, remember and spell the password/passphrase, if you use a list of the most common words, where the words are selected for this particular purpose.

Create a word list yourself

You can create such a list yourself (and in your own language, and remove words with special characters, because they might cause problems with some software).

The following shellscript pruner might help. You get only lowercase words, which makes the typing easier (special characters are removed) and only words in the interval [4,10] letters (not too short, not too long). But there is no sorting of these files according to how easy to accept they are. You need other information to remove uncommon, difficult and potentially offensive words, or you can do it manually.

#!/bin/bash
LANG=C
for wordlist in 

$(find /usr/share/dict/ /usr/lib/python3/dist-packages/xkcdpass/static -type f -size +10k) 

$(ls -1 word-list.txt 2> /dev/null)
do
prunedlist="${wordlist##*/}"
prunedlist="${wordlist////_}"
 prunedlist="${prunedlist/.txt}-pruned.txt"
echo "source:  $wordlist"
 echo -n "Total number of words in list:              "
 < "$wordlist" wc -l
echo "target:  $prunedlist" 
 echo -n "Used lower case words ( 4 < length < 10 ):  "
< "$wordlist"  tr -d '\015'| 

 grep '^[a-z]{4,10}$' | 

 tee "$prunedlist" | 

 wc -l
 echo "-------"
done

The shellscript will find the default word lists and also word lists for xkcdpass and cracklib, if installed.

Now you can run your shuf command line to test the pruned word lists,

$ for i in *pruned*; do echo "$i:";shuf -n4 "$i"| awk NF=NF RS= OFS=' ';echo "-----";done

but I would prefer xkcdpass.

Download a word-list

You can download such a list (check that it consists of unique words and is long enough, at least 2048 words = 2^11 words, which corresponds to 11 bits of entropy).

Downloading, checking and using such a file from the internet should be safe. As usual, you should only use reliable web sites.

The important thing for the security is not the words themselves, but that you let a random process (for example dice) or a good pseudo-random computer process select the words. Do not tamper with the random process by selecting or modifying the password manually.

At this Ubuntu help wiki page: The XKCD method - xkcdpass you can find a

Custom word list - 'word-list.txt'

Useful command-lines with xkcdpass

Decide what works best for the security level you need in your particular case,

lower number of words that are strange and complicated
higher number of words that are common and easy

It may be vary between persons (and groups of people, if you are considering how to set a policy or custom tool for an organization).

You can let xkcdpass compute randomness alias entropy in bits by adding the verbosity option -V. These examples use the default word list and the custom word list from the Ubuntu help page word-list.txt,

xkcdpass -V -n 3
xkcdpass -V -n 4 --min 4 --max 10 -d . -w word-list.txt

Using the default word file: lower number of words that are strange and complicated

# Normal security level at home, entropy = 45 bits;
$ xkcdpass -n 3
demeanour basely extrude
Next security level, entropy = 60 bits:
$ xkcdpass -n 4
metal cottager advocacy soursop
High security level, entropy = 76 bits:
$ xkcdpass -n 5
hostile impounder Caledonia ramie Goddard
Very high security level, entropy = 91 bits:
$ xkcdpass
ambrosia Cossack vivify Barbudan royal Campinas

Please notice that this is the default setting. But the security level is very high only if the user

can accept the first password/passphrase offered,
can remember it without a post-it sticker on the monitor/laptop (or other 'shortcut'),
can spell it without a post-it sticker on the monitor/laptop (or other 'shortcut').

Using a custom word file: higher number of words that are common and easy

# Normal security level at home, entropy = 47 bits:
$ xkcdpass -n 4 --min 4 --max 10 -d . -w word-list.txt
sharp.hockey.steal.backyard
Next security level, entropy = 59 bits:
$ xkcdpass -n 5 --min 4 --max 10 -d . -w word-list.txt
initially.assistant.barely.framework.regional
Next security level, entropy = 71 bits:
$ xkcdpass -n 6 --min 4 --max 10 -d . -w word-list.txt
snake.food.dress.perception.club.waste
High security level, entropy = 83 bits:
$ xkcdpass -n 7 --min 4 --max 10 -d . -w word-list.txt
stand.mentor.know.cream.automatic.treatment.effect

Thank you for this great answer! How exactly did you compute entropy? I understand the whole entropy concept relies on the fact that certain information is available to the person trying to crack the password. Which information is that in your scenario? — dessert, Nov 16 '17 at 15:02
The easy way is to let xkcdpass do it by adding the option -V, for example xkcdpass -V. You can find general ways to do it at https://help.ubuntu.com/community/StrongPasswords#Using_xkcdpass. The function l () in bc is the natural logaritm alias 'e-log', the inverse of 'e^x'. The assumption is that the attacker knows which method is used. Otherwise it will be more difficult for the attacker (bits are added because the attacker must try several methods or brute force if nothing is known about the password/passphrase). — sudodus, Nov 16 '17 at 15:24

muru · Answer 3 · 2017-11-16T08:22:36.260

3

There's probably any number of XKCD password generator implementations out there:

xkcdpass, available from the xkcdpass package, Python (doesn't seem to use a CSPRNG)

$ xkcdpass
baroque viand blindfold hooch notion ravening
$ xkcdpass -n4
useless elated liveable overfly

xkcd-password, NodeJS module
dozens of websites
diceware, which follows a similar process, but using websites
...

Pick your poison.

Also see:

Is “the oft-cited XKCD scheme […] no longer good advice”? on the Security Stack Exchange

edited Nov 16 '17 at 08:22

answered Nov 16 '17 at 01:05

muru

197,895
55
485
740

Oh of course there's a package for that! :) The first two seem to be the same thing (although the package version is of course not the latest one), but both allow only a small selection of languages besides English yet: Spanish, Finnish and Italian. xkcd-password allows using a custom list like one of the system dictionaries with the -f option. – dessert Nov 16 '17 at 08:12
@dessert huh, I didn't notice that they were both the same. – muru Nov 16 '17 at 08:22
As to using online services see this password testing tool. – dessert Nov 16 '17 at 12:06

score 2 · Answer 4 · answered Nov 16 '17 at 16:24

Please don't do this.

Maybe some tools only guess passwords using characters, but some guess multiple common words soon if they don't already.
If you're remembering your passwords, you are almost certainly reusing them (maybe with variations) for different sites. If you have 30 accounts on the internet, I bet at least one of your passwords are compromised each year. Someone with your password from one site will try it with variations on your other accounts. So your horseBatteryStapleLinkedIn password allows someone to guess that your gmail password is horseBatteryStapleGoogle, horseBatteryStapleGmail, horseBatteryStapleLiamg (Gmail spelled backwards). If you can think of it, someone else can too.

I know it's a pain, but use a password manager instead. Have it generate unique, random passwords for every site. If you're paranoid like me, you can change a couple characters in the suggested password in case the generator's (pseudo-)random algorithm is ever compromised. I like KeePassX with the database backed up in DropBox, but LastPass is easier for some people to use. There are many paid password managers as well.

Good News

The human brain is good at imposing order, even when there is none. You can remember random characters by staring at them until you perceive order in the chaos. There is no order. This is just what your brain does. For instance:

bJbRpZ2S9

Means something to you. If you type it enough times, you'll come up with something like this to remember it:

black Jack beyond Re post Zaps 2 Surly 9's

You can eventually remember 2 or 3 master passwords that way. One for your OS, and one for your password manager. That's all you need.

P.S. When using a password manager, periodically print out your passwords and put them in a tamper-evident envelope in a safe somewhere so you don't lose them. Ideally where your next-of-kin can get them if something happens to you, like a safe deposit box.

I agree about using a password manager (or simply an encrypted file), where you keep your passwords except for your OS and password manager. But I think, that the passwords for your OS and password manager are good candidates to be created with the XKCD method. I think that it is easier to remember a few words than a complex string of ASCII characters. (It may differ between people.) Your example: 9 letters and numbers, 62 characters, randomly, corresponds to between 53 and 54 bits. This is matched by 4 words from a big word-list (38271 words) or 5 words from a small word-list (2048 words). — sudodus, Nov 16 '17 at 17:19

Password generator combining actual words

4 Answers4

The computer aspect

The human aspect

Create a word list yourself

prunedlist="${wordlist##*/}"

Download a word-list

Useful command-lines with xkcdpass

Next security level, entropy = 60 bits:

High security level, entropy = 76 bits:

Very high security level, entropy = 91 bits:

Next security level, entropy = 59 bits:

Next security level, entropy = 71 bits:

High security level, entropy = 83 bits:

Good News

Linked