
Security News
GitHub Actions Supply Chain Attack Puts Thousands of Projects at Risk
A compromised GitHub Action exposed secrets in CI/CD logs, putting thousands of projects at risk and forcing developers to urgently secure their workflows.
github.com/francescoalemanno/cryptipass/v2
cryptipass is a flexible, high-entropy passphrase generator that creates secure, pronounceable passwords using a probabilistic model. It's designed for security-conscious developers who need memorable yet strong passphrases.
crypto/rand
) for generating passphrases.To install cryptipass
, use go get
:
go get github.com/francescoalemanno/cryptipass/v2
Then, import it into your project:
import "github.com/francescoalemanno/cryptipass/v2"
NOTE: We also have a CLI available for non-library uses.
Here's how to generate a passphrase using the default word style:
package main
import (
"fmt"
"github.com/francescoalemanno/cryptipass/v2"
)
func main() {
// Create a new cryptipass generator
gen := cryptipass.NewInstance()
// Generate a 4-word passphrase
passphrase, entropy := gen.GenPassphrase(4)
fmt.Println("Passphrase:", passphrase) //e.g. netica.peroundl.opantmene.symnals
fmt.Println("Entropy:", entropy)
}
Want more control over the pattern? Use GenFromPattern
:
// Generate a password with pattern: Word-Number-Symbol
pass, entropy := gen.GenFromPattern("w-d-s") // eg. opantmene-4-%
fmt.Println("Generated Password:", pass)
Possible patterns are formed by combining:
other symbols are interpolated in the final password and to interpolate one of the reserved symbols use escaping with "".
You can customize the word style by creating a new instance from your own token set:
myTokens := []string{"alpha", "bravo", "charlie", "delta"}
gen := cryptipass.NewCustomInstance(myTokens, 1) //instead of 1, try 2,3,4 to see the tradeoff between fidelity to the wordlist and entropy gain.
pass, entropy := gen.GenPassphrase(3)
fmt.Println("Custom Passphrase:", pass) //e.g. alphar.bravo.delta
fmt.Println("Entropy:", entropy)
Full API documentation is available at GoDoc.
cryptipass
is licensed under the MIT License. See LICENSE for details.
Contributions, issues, and feature requests are welcome! Feel free to check out issues or open a pull request.
cryptipass – Secure, flexible, and pronounceable passphrases for your Go applications.
FAQs
Unknown package
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
A compromised GitHub Action exposed secrets in CI/CD logs, putting thousands of projects at risk and forcing developers to urgently secure their workflows.
Research
Security News
A malicious Maven package typosquatting a popular library is secretly stealing OAuth credentials on the 15th of each month, putting Java developers at risk.
Security News
Socket and Seal Security collaborate to fix a critical npm overrides bug, resolving a three-year security issue in the JavaScript ecosystem's most popular package manager.