A configurable generator for memorable passphrases
`mempass` is the CLI command, run `npm i -g mempass` to use it in the command line

```
$ mempass -s = -t allcaps
METHANOL=TODDED=BROWNOUT
$ mempass 4 -s + -t randomcaps
DITT+syntexis+tithing+BARRATOR
$ mempass 2 -s "<>" -t capitalize
paterae<>rebraced
```

```
$ mempass [words] [options]...
```

`words` is an optional number specifying the number of words in the passphrase
Note: not case-sensitive
Option | Description |
---|---|
`-s`, `--separator` | Symbol to use to separate the individual words (" " for space) |
`-b`, `--beginningNumbers` | Number of digits to insert before the phrase |
`-e`, `--endingNumbers` | Number of digits to append to the phrase |
`-t`, `--transform` | Transformation of the words, see list below |
`--min`, `--minLength` | The minimum length of each word (0 for anything) |
`--max`, `--maxLength` | The maximum length of each word (0 for anything) |
Note: not case-sensitive
Name | Example |
---|---|
none | whatevers-in-Dictionary |
lower | all-lower-case |
everyOTHERcaps | every-OTHER-word-IS-caps |
Capitalize | First-Letter-Is-Capitalized |
rEVERSEcAPITALIZE | fIRST-lETTER-iS-lOWERCASE |
ALLCAPS | EVERY-LETTER-CAPITALIZED |
randomCAPS | random-words-ARE-capitalized |
You can use mempass programmatically.
Install it as a dependency with `npm i -s mempass`.

```javascript
var mempass = require("mempass")

// generates and returns a passphrase as a string
// the options argument is optional; possible options are in mempass.defaults
var passphrase = mempass.generate()

// mempass.defaults contains the default options object:
// {
//   words: 3,
//   minLength: 4,
//   maxLength: 8,
//   separator: "-",
//   beginningNumbers: 0,
//   endingNumbers: 0,
//   transform: "lower" // case insensitive
// }
console.log(mempass.defaults)

// contains the default transforms, detailed above
console.log(mempass.transforms)
```
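To judge how strong a given set of options is, the following added example (not part of mempass or its README) estimates the entropy of a passphrase built from the documented options, for an attacker who knows the word list and the configuration. It assumes words and digits are picked uniformly and independently, which the page does not confirm, and `candidateWords` and the 65,536-word list size are hypothetical values, since the page does not state the dictionary size.

```javascript
// Added example, not part of mempass.
// Assumptions: words and digits are chosen uniformly and independently, and
// "randomcaps" upper-cases each word with probability 1/2. The attacker knows
// the word list and every option, so the separator and the deterministic
// transforms contribute nothing.

// Transforms that add randomness per word; every other transform adds 0 bits.
const RANDOM_BITS_PER_WORD = new Map([["randomcaps", 1]]);

// candidateWords (hypothetical parameter): number of dictionary entries left
// after the minLength/maxLength filter. The page does not state this number.
function estimateEntropyBits(options, candidateWords) {
  const { words = 3, beginningNumbers = 0, endingNumbers = 0,
          transform = "lower" } = options;
  if (!Number.isInteger(candidateWords) || candidateWords < 2) {
    throw new RangeError("candidateWords must be an integer >= 2");
  }
  for (const n of [words, beginningNumbers, endingNumbers]) {
    if (!Number.isInteger(n) || n < 0) {
      throw new RangeError("counts must be non-negative integers");
    }
  }
  const wordBits = Math.log2(candidateWords);
  const caseBits = RANDOM_BITS_PER_WORD.get(String(transform).toLowerCase()) || 0;
  const digitBits = (beginningNumbers + endingNumbers) * Math.log2(10);
  return words * (wordBits + caseBits) + digitBits;
}

// Smallest word count that reaches targetBits with the other options fixed.
function wordsNeeded(targetBits, options, candidateWords) {
  const fixed = estimateEntropyBits({ ...options, words: 0 }, candidateWords);
  const perWord =
    estimateEntropyBits({ ...options, words: 1 }, candidateWords) - fixed;
  return Math.max(0, Math.ceil((targetBits - fixed) / perWord));
}

// Constructed sample: a 65,536-word candidate list (16 bits per word).
const SAMPLE_LIST_SIZE = 65536;
console.log(estimateEntropyBits({}, SAMPLE_LIST_SIZE)); // default options
console.log(estimateEntropyBits({ words: 4, transform: "randomCAPS" }, SAMPLE_LIST_SIZE));
console.log(wordsNeeded(80, { endingNumbers: 2 }, SAMPLE_LIST_SIZE));
```

Count the words that actually pass your `minLength`/`maxLength` filter and pass that number as `candidateWords`; the sample size here is only for illustration.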
FAQs
A configurable memorable password generator
We found that mempass demonstrated an unhealthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.