mirror of
https://github.com/wneessen/apg-go.git
synced 2024-11-22 13:50:49 +01:00
commit
3e819976f6
1 changed files with 13 additions and 13 deletions
26
README.md
26
README.md
|
@ -15,12 +15,12 @@ SPDX-License-Identifier: CC0-1.0
|
||||||
_apg-go_ is a simple APG-like password generator written in Go. It tries to replicate the
|
_apg-go_ is a simple APG-like password generator written in Go. It tries to replicate the
|
||||||
functionality of the
|
functionality of the
|
||||||
"[Automated Password Generator](https://web.archive.org/web/20130313042424/http://www.adel.nursat.kz:80/apg)",
|
"[Automated Password Generator](https://web.archive.org/web/20130313042424/http://www.adel.nursat.kz:80/apg)",
|
||||||
which hasn't been maintained since 2003. Since more and more Unix distributions are abondoning the tool, I was
|
which hasn't been maintained since 2003. Since more and more Unix distributions are abandoning the tool, I was
|
||||||
looking for an alternative. FreeBSD for example recommends "security/makepasswd", which is written in Perl
|
looking for an alternative. FreeBSD for example recommends "security/makepasswd", which is written in Perl
|
||||||
but requires a lot of dependency packages and doesn't offer the feature-set/flexibility of APG.
|
but requires a lot of dependency packages and doesn't offer the feature-set/flexibility of APG.
|
||||||
|
|
||||||
Since FIPS-181 (pronouncable passwords) has been withdrawn in 2015, apg-go does not follow this standard. Instead
|
Since FIPS-181 (pronounceable passwords) has been withdrawn in 2015, apg-go does not follow this standard. Instead,
|
||||||
it implements the [Koremutake Syllables System](https://shorl.com/koremutake.php) in its pronouncable password mode.
|
it implements the [Koremutake Syllables System](https://shorl.com/koremutake.php) in its pronounceable password mode.
|
||||||
|
|
||||||
## Installation
|
## Installation
|
||||||
|
|
||||||
|
@ -229,7 +229,7 @@ $ ./apg-go -n 1 -C
|
||||||
### Password length
|
### Password length
|
||||||
By default, apg-go will generate a password with a random length between 12 and 20 characters. If you
|
By default, apg-go will generate a password with a random length between 12 and 20 characters. If you
|
||||||
want to be more specific, you can use the `-m` and `-x` parameters to override the defaults. Let's
|
want to be more specific, you can use the `-m` and `-x` parameters to override the defaults. Let's
|
||||||
assume you want a single complex password with a length of exactly 32 characters, you can do so by
|
assume you want a single complex password with a length of exactly 32 characters you can do so by
|
||||||
running:
|
running:
|
||||||
```shell
|
```shell
|
||||||
$ ./apg-go -n 1 -C -m 32 -x 32
|
$ ./apg-go -n 1 -C -m 32 -x 32
|
||||||
|
@ -252,26 +252,26 @@ fUTDKeFsU+zn3r= (foxtrot/Uniform/Tango/Delta/Kilo/echo/Foxtrot/sierra/Uniform/PL
|
||||||
```
|
```
|
||||||
|
|
||||||
### Pronouncable passwords
|
### Pronouncable passwords
|
||||||
Since v0.4.0 apg-go supports pronouncable passwords, anologous to the original c-apg using the `-a 0`
|
Since v0.4.0 apg-go supports pronounceable passwords, anologous to the original c-apg using the `-a 0`
|
||||||
flag. The original c-apg implemented FIPS-181, which was withdrawn in 2015 for generating pronouncable
|
flag. The original c-apg implemented FIPS-181, which was withdrawn in 2015 for generating pronounceable
|
||||||
passwords. Since the standard is not recommended anymore, `apg-go` instead make use of the
|
passwords. Since the standard is not recommended anymore, `apg-go` instead make use of the
|
||||||
[Koremutake Syllables System](https://shorl.com/koremutake.php). Similar to the original apg, `agp-go`
|
[Koremutake Syllables System](https://shorl.com/koremutake.php). Similar to the original apg, `agp-go`
|
||||||
will automatically randomly add special characters and number (from the human-readable pool) to each
|
will automatically randomly add special characters and number (from the human-readable pool) to each
|
||||||
generated pronouncable password. Additionally it will perform a "coinflip" for each Koremutake syllable
|
generated pronounceable password. Additionally it will perform a "coinflip" for each Koremutake syllable
|
||||||
and decided if it should switch the case of one of the characters to an upper-case character.
|
and decided if it should switch the case of one of the characters to an upper-case character.
|
||||||
|
|
||||||
Using the `-t` parameter, `apg-go` will display a spelled out version of the pronouncable password, where
|
Using the `-t` parameter, `apg-go` will display a spelled out version of the pronounceable password, where
|
||||||
each syllable or number/special character is seperated with a "-" (dash) and if the syllable is not a
|
each syllable or number/special character is seperated with a "-" (dash) and if the syllable is not a
|
||||||
Koremutake syllable the character will be spelled out the same was as with activated `-l` in the
|
Koremutake syllable the character will be spelled out the same was as with activated `-l` in the
|
||||||
non-pronouncable password mode (`-a 1`).
|
non-pronounceable password mode (`-a 1`).
|
||||||
|
|
||||||
**Note on password length**: The `-m` and `-x` parameters will work in prouncable password mode, but
|
**Note on password length**: The `-m` and `-x` parameters will work in prouncable password mode, but
|
||||||
please keep in mind, that due to the nature how syllables work, your generated password might exceed
|
please keep in mind, that due to the nature how syllables work, your generated password might exceed
|
||||||
the desired length by one complete syllable (which can be up to 3 characters long).
|
the desired length by one complete syllable (which can be up to 3 characters long).
|
||||||
|
|
||||||
**Security consideration:** Please keep in mind, that pronouncable passwords are less secure compared to truly
|
**Security consideration:** Please keep in mind, that pronounceable passwords are less secure compared to truly
|
||||||
randomly created passwords, due to the nature how syllables work. As a rule of thumb, it is recommended
|
randomly created passwords, due to the nature how syllables work. As a rule of thumb, it is recommended
|
||||||
to multiply the length of your generated pronouncable passwords by at least 1.5 times, compared to truly
|
to multiply the length of your generated pronounceable passwords by at least 1.5 times, compared to truly
|
||||||
randomly generated passwords. It might also be helpful to run the pronoucable password mode with enabled
|
randomly generated passwords. It might also be helpful to run the pronoucable password mode with enabled
|
||||||
"[HIBP](#have-i-been-pwned)" flag, so that each generated password is automatically checked against "Have I Been Pwned"
|
"[HIBP](#have-i-been-pwned)" flag, so that each generated password is automatically checked against "Have I Been Pwned"
|
||||||
database.
|
database.
|
||||||
|
@ -310,7 +310,7 @@ character class. If one of the arguments is give, apg-go will generate passwords
|
||||||
of characters of the corresponding class is given.
|
of characters of the corresponding class is given.
|
||||||
|
|
||||||
**Note on minimum characters**: Please keep in mind, that due to the way the "minimum amount" feature works,
|
**Note on minimum characters**: Please keep in mind, that due to the way the "minimum amount" feature works,
|
||||||
the calculation time for passwords can increase and if the amount is set too high, it can result in apt-go
|
the calculation time for passwords can increase and if the amount is set too high, it can result in apg-go
|
||||||
never being able to finish the job.
|
never being able to finish the job.
|
||||||
|
|
||||||
Example:
|
Example:
|
||||||
|
@ -366,7 +366,7 @@ _apg-go_ replicates most of the parameters of the original c-apg. Some parameter
|
||||||
- `-H`: Avoid ambiguous characters in passwords (i. e.: 1, l, I, o, O, 0) (Default: off)
|
- `-H`: Avoid ambiguous characters in passwords (i. e.: 1, l, I, o, O, 0) (Default: off)
|
||||||
- `-C`: Generate complex passwords (implies -L -U -N -S and disables -H) (Default: off)
|
- `-C`: Generate complex passwords (implies -L -U -N -S and disables -H) (Default: off)
|
||||||
- `-l`: Spell generated passwords in random password mode (Default: off)
|
- `-l`: Spell generated passwords in random password mode (Default: off)
|
||||||
- `-t`: Spell generated passwords in pronouncable password mode (Default: off)
|
- `-t`: Spell generated passwords in pronounceable password mode (Default: off)
|
||||||
- `-p`: Check the HIBP database if the generated passwords was found in a leak before (Default: off) // *this feature requires internet connectivity*
|
- `-p`: Check the HIBP database if the generated passwords was found in a leak before (Default: off) // *this feature requires internet connectivity*
|
||||||
- `-h`: Show a CLI help text
|
- `-h`: Show a CLI help text
|
||||||
- `-v`: Show the version number
|
- `-v`: Show the version number
|
||||||
|
|
Loading…
Reference in a new issue