Utility for generating memorable passwords and converting random bytes into human-readable phrases
A JS library for generating random-yet-memorable passwords, either server-side in Node or in the browser. Each word provides 16 bits of entropy, so a useful password requires at least 3 words.
Because the wordlist is of exactly size 2^16, Niceware is also userful for convert cryptographic keys and other sequences of random bytes into human-readable phrases. With Niceware, a 128-bit key is equivalent to an 8-word phrase.
Demo: https://diracdeltas.github.io/niceware/
+8svofk0Y1o= and bacca cavort west volley are equally strong (64 bits of
randomness).To install:
npm install niceware
To generate an 8-byte passphrase:
const niceware = require('niceware')
// The number of bytes must be even
const passphrase = niceware.generatePassphrase(8)
// Result: [ 'deathtrap', 'stegosaur', 'nilled', 'nonscheduled' ]
To use Niceware in modern browsers, include
browser/niceware.js in a script
tag. Niceware is then available in the window.niceware object.
<script src='niceware.js'></script>
<script>
const passphrase = window.niceware.generatePassphrase(8)
</script>
Niceware uses window.{crypto, msCrypto}.getRandomValues for entropy in the browser.
Niceware is also available as a third-party Chrome extension, thanks to Noah Feder. https://chrome.google.com/webstore/detail/niceware-password/dhnichgmciickpnnnhfcljljnfomadag
NOTE: When used in the browser, Buffer is replaced with window.Uint8Array.
Array.<string>BufferArray.<string>Array.<string>Converts a byte array into a passphrase.
Kind: static method of niceware
| Param | Type | Description |
|---|---|---|
| bytes | Buffer | The bytes to convert |
BufferConverts a phrase back into the original byte array.
Kind: static method of niceware
| Param | Type | Description |
|---|---|---|
| words | Array.<string> | The words to convert |
Array.<string>Generates a random passphrase with the specified number of bytes.
NOTE: size must be an even number.
Kind: static method of niceware
| Param | Type | Description |
|---|---|---|
| size | number | The number of random bytes to use |
Niceware was inspired by Diceware. Its wordlist is derived from http://www-01.sil.org/linguistics/wordlists/english/. This project is based on my work on OpenPGP key backup for the Yahoo End-to-End project.
FAQs
Utility for generating memorable passwords and converting random bytes into human-readable phrases
The npm package niceware receives a total of 2,650 weekly downloads. As such, niceware popularity was classified as popular.
We found that niceware demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
Security News
A Stanford study reveals 9.5% of engineers contribute almost nothing, costing tech $90B annually, with remote work fueling the rise of "ghost engineers."