This commit updates the password generator to now include a binary mode. This mode produces a 256 bits long fully binary secret which can be used for AES-256 encryption. New flags `-bh` (print hex representation) and `-bn` (new line after secret) have been added for this mode. The version has also been updated to 1.0.1 recognizing this new addition.
We've added new configuration options for setting minimum counts of lowercase, numeric, special, and uppercase characters in passwords. The HIBP check feature has also been removed due to redundancy. Note: High values for these character minimums may lead to long calculation times.
This commit introduces new methods to enable HIBP checks, exclude specific characters, and set a fixed password length in the password generator configuration. It also includes tests to verify that these new options work correctly in the password configuration.
This commit introduces the .gitignore configuration file and adds SPDX headers to several files including test and documentation files. The headers provide license information in a standardized format which can be easily picked up by automated tools for license compliance checks. Additionally, it deleted a .idea/.gitignore file, which is a project specific IDE configuration file not necessary for the repository. It also introduced a README.md file providing more insightful information about the project.
The code now supports the configuration parameter 'ExcludeChars', which gives users the ability to specify particular characters that should not be included in the generated passwords. This addition was fully implemented both on config.go and random.go, while the relevant option flag was also added to apg.go for user interaction.
Implemented HIBP password check feature which will crosscheck generated passwords with the HIBP pwned passwords database. This functionality enhances security by not recommending potentially compromised passwords. A new flag, CheckHIBP has been added to enable or disable this feature.
The spelling of "Pronounceable" has been adjusted throughout the code. Moreover, a new functionality for producing pronounceable passwords spelled as correlating syllables has been integrated. This includes relevant changes to password character sets used for pronounceable passwords and enhancements to test this new feature.
The update introduces a new 'SpellPassword' setting in the configuration that, when enabled, spells out the generated passwords in the phonetic alphabet. The accompanied changes include the addition of 'spelling.go' and 'spelling_test.go' files containing the spelling logic and corresponding tests. The domain-specific error handling is also enhanced for unsupported characters.
The password generation algorithm is now customizable via the `WithAlgorithm()` function, giving users more control over password generation. Tests have been added to 'config_test.go' to ensure correct functionality of the new option. Additionally, the variable naming in 'config.go' has been improved for better readability.
Added comments for minimum requirements parameters in config.go to provide clarity on their purpose. This was necessary to increase code readability, making it easier for future developer reference.
Replaced all instances of "Number" with "Numeric" in the password
generator. This modification will make the password generation code
more intuitive and readable. Moreover, minimum character requirements
were added for each character type, giving more flexibility to the
password generation settings.
A FixedLength field was added to the Config struct and a corresponding command line flag was added in `apg.go`. The field allows for the generation of passwords of a fixed length, overriding the MinLength and MaxLength values if present. Revised the `random.go` script to accommodate this change. The option for fixed length enhances the flexibility and customization of the password generation tool.
Updated the password generator to include default modes for characters along with options to enable complex password mode and toggle specific character types in passwords from the command line. This allows for greater customization and more user control in password generation, especially useful for applications with unique password requirements."
The naming and handling of mode bitmasks have been refactored for improved code readability and maintainability. The term "Mode" was replaced with "ModeMask" for clarity and all associated functions were renamed accordingly (e.g., "SetMode" to "MaskSetMode"). These changes provide better insight into the function of the code and increase understandability for future development efforts. The command-line utility now also supports specifying modes via the "-M" flag.
Refactored the generator to include a new config option, changed function signatures to follow the new structure, and renamed the function 'RandomString' to 'RandomStringFromCharRange' for clarity. Also, added a new mode and algorithm feature to enhance password generation. Furthermore, added several tests for new features and configurations. Adapted the CLI to use the new configuration approach. This refactoring was necessary to improve the customizability and clarity of the password generation process. Fixed minor issues and added '.gitignore' for clean commits in the future.
Even though the generated passwords are generated in a secure
way, there is a minimal chance, that the same password was used
by someone before and this password was part of a leak.
If you want to be on the safe side, you can now use the "-p"
parameter, to have your newly generated password against the
HIBP (https://haveibeenpwned.com) database. This feature is
disabled by default, since it requires internet access and also
the API call might take ~500ms to 1sec.
The previous behavior was wrong in a way, that default values
like "use lower case" defaulted to true and using the -L param
would not set it to false, but simple keep the true default which
made the parameter useless.
Now all parameters still use the same defaults but setting the
corresponding flag on the CLI will negate the default, so using
-L on the CLI would set "useLowerCase" to false instead of the
default of true.
To address issue #13, the password length behaviour of the
original APG has been reproduced. Previously, when a minLength
of 5 and a maxLength of 10 was given, apg-go se the pwLength to
the preferred maxLength.
With v0.3.1 it will choose a random length between minLength and
maxLength instead, same as the original C-lang apg did. For this
the minLength has been defaulted to a sane value of 12 (instead
of the 8 of the original apg). The default for maxLength stayed
at 20.
Also the default number of generated passwords has been changed
from 1 to 6, to replicate the behaviour of the original apg.