New Diceware passphrase generator #373
Conversation
TheZ3ro
force-pushed
the
feature/new-password-generator
branch
from
b289f99 to
e9a075b
Compare
src/core/PassphraseGenerator.cpp
Outdated
| m_wordlist.append(in.readLine()); | ||
| } | ||
|
|
||
| if (m_wordlist.size() < 1000) { |
There was a problem hiding this comment.
@TheZ3ro why this limit? Why not rely on the entropy meter to let the user know that the word list is too small?
There was a problem hiding this comment.
@louib The limit is for preventing users use small wordlist. The entropy-meter will let the user use a phassphrase with 5 word from a 10-word wordlist but the user can simply ignore the "Password Quality: Bad" label and go with it.
There was a problem hiding this comment.
IMHO 1000 is also way too low.
There was a problem hiding this comment.
@phoerious EFF short and EFF short distant wordlist are 1200 words long
There was a problem hiding this comment.
I don't really see a reason to use the short lists.
There was a problem hiding this comment.
4000 is a fair limit?
src/core/PassphraseGenerator.cpp
Outdated
|
|
||
| // In case there was an error loading the wordlist | ||
| if(m_wordlist.length() == 0) { | ||
| QString empty; |
There was a problem hiding this comment.
@TheZ3ro could we do return QString(); here instead?
src/core/PassphraseGenerator.cpp
Outdated
| } | ||
|
|
||
| QString passphrase; | ||
| for (int i = 0; i < m_length; i ++) { |
src/core/PassphraseGenerator.cpp
Outdated
| QString passphrase; | ||
| for (int i = 0; i < m_length; i ++) { | ||
| int word_index = randomGen()->randomUInt(m_wordlist.length()); | ||
| passphrase.append(m_wordlist.at(word_index)); |
There was a problem hiding this comment.
@TheZ3ro purely stylistic, but here you could create a QStringList of all the randomly chosen words, and then use QStringList::join(m_separator).
QStringList words;
for (int i = 0; i < m_length; ++i) {
int wordIndex = randomGen()->randomUInt(m_wordlist.length());
words.append(m_wordlist.at(wordIndex))
}
return words.join(m_separator);
src/core/PassphraseGenerator.cpp
Outdated
| QString passphrase; | ||
| for (int i = 0; i < m_length; i ++) { | ||
| int word_index = randomGen()->randomUInt(m_wordlist.length()); | ||
| passphrase.append(m_wordlist.at(word_index)); |
src/gui/PasswordGeneratorWidget.cpp
Outdated
| @@ -54,6 +62,12 @@ PasswordGeneratorWidget::PasswordGeneratorWidget(QWidget* parent) | |||
| m_ui->entropyLabel->setFont(defaultFont); | |||
| m_ui->strengthLabel->setFont(defaultFont); | |||
| } | |||
|
|
|||
| m_ui->comboBoxWordSeparator->addItems(QStringList() <<" " <<"#" <<";" <<"-" <<":" <<"." <<"@"); | |||
There was a problem hiding this comment.
@TheZ3ro shouldn't there be spaces around the << operators?
<< " " << "#" << ";" << "-" << ":" << "." << "@"
| @@ -65,6 +79,7 @@ PasswordGeneratorWidget::~PasswordGeneratorWidget() | |||
|
|
|||
| void PasswordGeneratorWidget::loadSettings() | |||
| { | |||
| // Password config | |||
There was a problem hiding this comment.
@TheZ3ro we should remove the space at 87 to group all the password config then.
| @@ -196,13 +248,13 @@ void PasswordGeneratorWidget::colorStrengthIndicator(double entropy) | |||
| // Set the color and background based on entropy | |||
| // colors are taking from the KDE breeze palette | |||
| // <https://community.kde.org/KDE_Visual_Design_Group/HIG/Color> | |||
| if (entropy < 35) { | |||
| if (entropy < 40) { | |||
There was a problem hiding this comment.
@TheZ3ro maybe these thresholds could be configurable at some point, for users that have different security requirements.
There was a problem hiding this comment.
I don't know. I think the current entropy value are almost nice for the current password cracking technology.
There was a problem hiding this comment.
@TheZ3ro but a user might also want to increase those values.
src/gui/PasswordGeneratorWidget.cpp
Outdated
| m_generator->setLength(m_ui->spinBoxLength->value()); | ||
| m_generator->setCharClasses(classes); | ||
| m_generator->setFlags(flags); | ||
| m_dicewareGenerator->setLength(m_ui->spinBoxWordCount->value()); |
There was a problem hiding this comment.
@TheZ3ro setLength is a bit ambiguous, since it's not really the length of the resulting passphrase, but instead its word count. In fact, the name of the spin box is wordCount. Why not setWordCount?
TheZ3ro
force-pushed
the
feature/new-password-generator
branch
from
b59854e to
4d547d3
Compare
|
@TheZ3ro I tested the new feature locally (not extensively though). Works great! |
|
@louib have you tried the 2 problem described in the first post? |
|
@TheZ3ro no, I only tested the basic functionalities (generating and changing the settings, apply, etc) |
|
Could you please add the underscore ( _ ) as an option for word separator? It acts as a space, while still being a printable character. Also, unlike the dash ( - ), it won't conflict with words in the list. Some words in the list are hyphenated. If anything, I think that dash should not be an option. But if I have to choose one thing to change, it would be to add the underscore. With popular sites like reddit allowing underscore and twitter making it the only acceptable punctuation, the underscore is not as obscure. (Certainly not as obscure as backtick or backslash or pipes.) |
|
@J-J-Chiarella yes of course |
TheZ3ro
force-pushed
the
feature/new-password-generator
branch
from
4d547d3 to
1137a9e
Compare
|
Rebased on top of develop |
TheZ3ro
force-pushed
the
feature/new-password-generator
branch
from
ea970bd to
c8b8e97
Compare
|
Couple of things:
|
TheZ3ro
force-pushed
the
feature/new-password-generator
branch
from
c8b8e97 to
30cfb16
Compare
|
|
TheZ3ro
changed the title
src/core/PassphraseGenerator.cpp
Outdated
|
|
||
| } | ||
|
|
||
| void PassphraseGenerator::setWordlist(QString path) |
TheZ3ro
force-pushed
the
feature/new-password-generator
branch
from
f4451ab to
0c75584
Compare
|
Rebased and fixed @louib |
|
@phoerious are we good with this one? |
|
Excellent work on this everyone, this is a fantastic enhancement to the password generator! |
|
@TheZ3ro Thanks for doing this! Sorry I couldn't be more help. Life got busy 😬. |
- Added YubiKey 2FA integration for unlocking databases [#127] - Added TOTP support [#519] - Added CSV import tool [#146, #490] - Added KeePassXC CLI tool [#254] - Added diceware password generator [#373] - Added support for entry references [#370, #378] - Added support for Twofish encryption [#167] - Enabled DEP and ASLR for in-memory protection [#371] - Enabled single instance mode [#510] - Enabled portable mode [#645] - Enabled database lock on screensaver and session lock [#545] - Redesigned welcome screen with common features and recent databases [#292] - Multiple updates to search behavior [#168, #213, #374, #471, #603, #654] - Added auto-type fields {CLEARFIELD}, {SPACE}, {{}, {}} [#267, #427, #480] - Fixed auto-type errors on Linux [#550] - Prompt user prior to executing a cmd:// URL [#235] - Entry attributes can be protected (hidden) [#220] - Added extended ascii to password generator [#538] - Added new database icon to toolbar [#289] - Added context menu entry to empty recycle bin in databases [#520] - Added "apply" button to entry and group edit windows [#624] - Added macOS tray icon and enabled minimize on close [#583] - Fixed issues with unclean shutdowns [#170, #580] - Changed keyboard shortcut to create new database to CTRL+SHIFT+N [#515] - Compare window title to entry URLs [#556] - Implemented inline error messages [#162] - Ignore group expansion and other minor changes when making database "dirty" [#464] - Updated license and copyright information on souce files [#632] - Added contributors list to about dialog [#629]
|
Would be great if we can use a diceware list in our mother language, like portuguese. |
|
You can change the eff_large.wordlist to whatever you want. |
|
@jeisoncp even better, place your wordlist file in the wordlist/ folder for your KeePassXC installation and a DropDown button will appear for selecting the wordlist to use |
|
@TheZ3ro Great, thanks by the advice. Maybe this files could be placed in default installation. |
phoerious
added
pr: new feature
closes #21
Description
This PR adds a diceware-like passphrase generator.
It's possible to select the Word Count, the Word Separator and the Word List.
Currently 3 worlist are included (EFF Long, EFF Short and EFF Short Distant).
The Passphrase entropy is calculated by
log2(wordlist.size) * wordcount.All the options are automatically loaded and saved.
Advanced users If you want to add a different wordlist by yourself, you can add it in the KeePassXC installation folder. This will require a restart to see the wordlist in the comboBox.
If you select a wordlist with less 1000 words, the generator won't let you generate passphrase unless you select another wordlist.
I've removed the old PasswordComboBox widget since it isn't used anymore.
Problems that needs fix:
How Has This Been Tested?
Screenshots (if appropriate):
Types of changes
Checklist: