mirror of
https://github.com/wneessen/apg-go.git
synced 2024-12-23 03:30:39 +01:00
Minor code cleanups and updated README to reflect #27
This commit is contained in:
parent
6d17f5fd72
commit
aeb278355c
6 changed files with 58 additions and 5 deletions
|
@ -5,7 +5,12 @@
|
|||
</component>
|
||||
<component name="ChangeListManager">
|
||||
<list default="true" id="e32960c0-29e5-4669-9fc2-ef12314486ce" name="Changes" comment="Added pronounceable passwords #27">
|
||||
<change beforePath="$PROJECT_DIR$/.idea/workspace.xml" beforeDir="false" afterPath="$PROJECT_DIR$/.idea/workspace.xml" afterDir="false" />
|
||||
<change beforePath="$PROJECT_DIR$/README.md" beforeDir="false" afterPath="$PROJECT_DIR$/README.md" afterDir="false" />
|
||||
<change beforePath="$PROJECT_DIR$/chars/chars.go" beforeDir="false" afterPath="$PROJECT_DIR$/chars/chars.go" afterDir="false" />
|
||||
<change beforePath="$PROJECT_DIR$/chars/koremutake.go" beforeDir="false" afterPath="$PROJECT_DIR$/chars/koremutake.go" afterDir="false" />
|
||||
<change beforePath="$PROJECT_DIR$/cmd/apg/apg.go" beforeDir="false" afterPath="$PROJECT_DIR$/cmd/apg/apg.go" afterDir="false" />
|
||||
<change beforePath="$PROJECT_DIR$/cmd/apg/apg_test.go" beforeDir="false" afterPath="$PROJECT_DIR$/cmd/apg/apg_test.go" afterDir="false" />
|
||||
</list>
|
||||
<option name="SHOW_DIALOG" value="false" />
|
||||
<option name="HIGHLIGHT_CONFLICTS" value="true" />
|
||||
|
@ -48,7 +53,7 @@
|
|||
<property name="go.modules.go.list.on.any.changes.was.set" value="true" />
|
||||
<property name="go.sdk.automatically.set" value="true" />
|
||||
<property name="last_opened_file_path" value="$USER_HOME$" />
|
||||
<property name="settings.editor.selected.configurable" value="go.vgo" />
|
||||
<property name="settings.editor.selected.configurable" value="go.sdk" />
|
||||
</component>
|
||||
<component name="RunManager">
|
||||
<configuration name="Test Application" type="GoTestRunConfiguration" factoryName="Go Test">
|
||||
|
|
36
README.md
36
README.md
|
@ -8,8 +8,8 @@ which hasn't been maintained since 2003. Since more and more Unix distributions
|
|||
looking for an alternative. FreeBSD for example recommends "security/makepasswd", which is written in Perl
|
||||
but requires a lot of dependency packages and doesn't offer the feature-set/flexibility of APG.
|
||||
|
||||
Since FIPS-181 (pronouncable passwords) has been withdrawn in 2015, I didn't see any use in replicating that
|
||||
feature. Therfore apg-go does not support pronouncable passwords.
|
||||
Since FIPS-181 (pronouncable passwords) has been withdrawn in 2015, apg-go does not follow this standard. Instead
|
||||
it implements the [Koremutake Syllables System](https://shorl.com/koremutake.php) in its pronouncable password mode.
|
||||
|
||||
## Installation
|
||||
### Ports/Packages
|
||||
|
@ -175,6 +175,38 @@ $ ./apg-go -n 1 -M LUSN -H -E : -l
|
|||
fUTDKeFsU+zn3r= (foxtrot/Uniform/Tango/Delta/Kilo/echo/Foxtrot/sierra/Uniform/PLUS_SIGN/zulu/november/THREE/romeo/EQUAL_SIGN)
|
||||
```
|
||||
|
||||
### Pronouncable passwords
|
||||
Since v0.4.0 apg-go supports pronouncable passwords, anologous to the original c-apg using the `-a 0`
|
||||
flag. The original c-apg implemented FIPS-181, which was withdrawn in 2015 for generating pronouncable
|
||||
passwords. Since the standard is not recommended anymore, `apg-go` instead make use of the
|
||||
[Koremutake Syllables System](https://shorl.com/koremutake.php). Similar to the original apg, `agp-go`
|
||||
will automatically randomly add special characters and number (from the human-readable pool) to each
|
||||
generated pronouncable password. Additionally it will perform a "coinflip" for each Koremutake syllable
|
||||
and decided if it should switch the case of one of the characters to an upper-case character.
|
||||
|
||||
Using the `-t` parameter, `apg-go` will display a spelled out version of the pronouncable password, where
|
||||
each syllable or number/special character is seperated with a "-" (dash) and if the syllable is not a
|
||||
Koremutake syllable the character will be spelled out the same was as with activated `-l` in the
|
||||
non-pronouncable password mode (`-a 1`).
|
||||
|
||||
**Note on password length**: The `-m` and `-x` parameters will work in prouncable password mode, but
|
||||
please keep in mind, that due to the nature how syllables work, your generated password might exceed
|
||||
the desired length by one complete (which can be up to 3 characters long).
|
||||
|
||||
**Security consideration:** Please keep in mind, that pronouncable passwords are less secure then truly
|
||||
randomly created passwords, due to the nature how syllables work. As a rule of thumb, it is recommended
|
||||
to multiply the length of your generated pronouncable passwords by at least 1.5 times, compared to truly
|
||||
randomly generated passwords. It might also be helpful to run the pronoucable password mode with enabled
|
||||
"HIBP" flag, so that each generated password is automatically checked against "Have I Been Pwned"
|
||||
database.
|
||||
```shell
|
||||
$ ./apg-go -a 0 -n 1
|
||||
KebrutinernMy
|
||||
|
||||
$ ./apg-go -a 0 -n 1 -m 15 -x 15 -t
|
||||
pEnbocydrageT*En (pEn-bo-cy-dra-geT-ASTERISK-En)
|
||||
```
|
||||
|
||||
### Have I Been Pwned
|
||||
Even though, the passwords that apg-go generated for you, are secure, there is a minimal chance, that
|
||||
someone on the planet used exactly the same password before and that this person was part of an
|
||||
|
|
|
@ -5,13 +5,28 @@ import (
|
|||
"regexp"
|
||||
)
|
||||
|
||||
// PwLowerCharsHuman is the range of lower-case characters in human-readable mode
|
||||
const PwLowerCharsHuman string = "abcdefghjkmnpqrstuvwxyz"
|
||||
|
||||
// PwUpperCharsHuman is the range of upper-case characters in human-readable mode
|
||||
const PwUpperCharsHuman string = "ABCDEFGHJKMNPQRSTUVWXYZ"
|
||||
|
||||
// PwLowerChars is the range of lower-case characters
|
||||
const PwLowerChars string = "abcdefghijklmnopqrstuvwxyz"
|
||||
|
||||
// PwUpperChars is the range of upper-case characters
|
||||
const PwUpperChars string = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
|
||||
|
||||
// PwSpecialCharsHuman is the range of special characters in human-readable mode
|
||||
const PwSpecialCharsHuman string = "\"#%*+-/:;=\\_|~"
|
||||
|
||||
// PwSpecialChars is the range of special characters
|
||||
const PwSpecialChars string = "!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~"
|
||||
|
||||
// PwNumbersHuman is the range of numbers in human-readable mode
|
||||
const PwNumbersHuman string = "23456789"
|
||||
|
||||
// PwNumbers is the range of numbers
|
||||
const PwNumbers string = "1234567890"
|
||||
|
||||
// GetRange provides the range of available characters based on configured parameters
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
package chars
|
||||
|
||||
// KoremutakeSyllables is a slightly modified Koremutake syllabels list based on
|
||||
// KoremutakeSyllables is a slightly modified Koremutake syllables list based on
|
||||
// the mechanism described on https://shorl.com/koremutake.php
|
||||
var KoremutakeSyllables = []string{"ba", "be", "bi", "bo", "bu", "by", "da", "de", "di",
|
||||
"do", "du", "dy", "fe", "fi", "fo", "fu", "fy", "ga", "ge", "gi", "go", "gu",
|
||||
|
|
|
@ -14,6 +14,7 @@ import (
|
|||
"time"
|
||||
)
|
||||
|
||||
// VersionString represents the current version of the apg-go CLI
|
||||
const VersionString string = "0.4.0-dev"
|
||||
|
||||
// Help text
|
||||
|
|
|
@ -10,7 +10,7 @@ import (
|
|||
|
||||
var cfgObj config.Config
|
||||
|
||||
// Make sure the flags are initalized
|
||||
// Make sure the flags are initialized
|
||||
var _ = func() bool {
|
||||
testing.Init()
|
||||
cfgObj = config.New()
|
||||
|
|
Loading…
Reference in a new issue