The Readable Passphrase Generator generates passphrases which are (mostly) grammatically correct but nonsensical. These are easy to remember (for humans) but difficult to guess (for humans and computers).
Developed in C# with a KeePass plugin, console app and public API.
Recent Changes
- Version 0.6
- 500 verbs in default dictionary (1666 words in total)
Why use it?
Because you can make passphrases which are as strong as traditional "strong" passwords (8 letters long, upper, lower, numbers, etc) which you can memorise in 5 minutes instead of 5 days. (And its fun to read the phrases it generates!)
Use this passphrase to protect:
- Your KeePass, 1Password or favourite password manager database.
- You computer login at home or work.
- Your eBay, Facebook, Google, OpenID or other high value account.
- Your Internet banking account.
Some examples passphrases:
- Normal strength: a wound rebuffs an incline
- Strong strength: the statesman will burgle amidst lucid sunlamps
- Insane strength: plaid foresails repel ashamedly upon the birdbath
Download KeePass plugin (required KeePass Password Safe) or Window Console Application.
Read step by step KeePass installation instructions.
Why Bother At All?
(Warning: geek stuff follows)
Because
XKCD wrote a cool comic about
password strength! And when
Jeff Atwood and
Ars Technica kick up a stink, well you listen.
More seriously, we're told the best password is at least 8 characters long, contains upper and lower case letters, numbers and punctuation symbols. Unfortunately, this makes the "best" password something which looks like gibberish and is, frankly, quite hard for ordinary people to remember.
Perhaps something like:
3h4o.%\vJACj I used to generate 12-16 character passwords like this and memorise them. It would commonly take up to two weeks of typing them in multiple times per day. All told, I've memorised perhaps 10 of these in my life. They get used for my KeePass database, Windows logons (at work and home) and Trucrypt volume, but nothing else because I can't afford to memorise any more (lest I memorise a password and my address falls out of my brain!).
That is all too hard!
So we resort to taking a some word from the dictionary, capitalise a few letters, turn an o into a 0 and stick some punctuation at the end: like our friend
Tr0ubador&3 . Only problem is, while that is easy to remember (well,
easier according to XKCD), its also trivially easy for a computer to guess.
I memorised
the statesman will burgle amidst lucid sunlamps after typing it twice. And, even if some evil hacker knows my dictionary (which it will, because its included with this project), that passphrase is still equivalent to a 7 letter password with upper, lower, numbers and symbols (using a tiny 750 word dictionary).
Much, much easier, I think. (So does my wife!)