Security News
The Dark Side of Open Source
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
xkpasswd
Advanced tools
Readme
Memorable password generator, inspired by a PERL module powering xkpasswd.net/s/
Also available in Go: xkpasswd-go
You can use xkpasswd as a module in your application.
EXAMPLE
var xkpasswd = require('xkpasswd');
console.log(xkpasswd());
valuable=bear=difference=53
console.log(xkpasswd({complexity: 5, separators: '#+-'}));
addition#wheat#congress#manner#lonely#20
console.log(xkpasswd({wordList: __dirname + '/myWordList.json'}));
apple#grape#banana
You can also use xkpasswd command in your terminal if you install the package
globally (npm install xkpasswd -g
).
CLI OPTIONS
xkpasswd --complexity <number> --separators <string> --pattern <string> --transform <string> --number <number> --wordList <string>
xkp
alias for is also provided for convenience.
You can use it interchangeably with xkpasswd
command.
You can specify complexity
argument in accordance with complexity levels table. Defaults to 2.
If specified pattern
argument overrides the pattern derived from complexity level.
If separators
are provided they are used instead of the standard set (see complexity levels).
One separator is used per password, picked randomly from the provided set.
You can set transform
option to alternate
or uppercase
to trigger case transformation.
To generate multiple passwords at once you can specify the desired
amount with the number
argument. Defaults to 1.
Finally if you'd like to use a custom list of words you can provide it
as a JSON file, text file or an array via wordList
function.
Using hyphen (-
) as a separator
Due to the way the arguments are parsed make sure to use equals sign instead of space
if you'd like to use a hyphen (-
) as your separator: xkpasswd -s=-
.
EXAMPLE Default behaviour
$ xkpasswd
hide+threw+money+61
EXAMPLE Specify complexity
$ xkpasswd -c 5
join=industrial=wide=direction=lungs=16
$ xkpasswd -c 6
57!FIFTHLY!astronauts!AFFECTEDLY!nymphs!TRUSTLESSNESSES!06
EXAMPLE Specify custom pattern
$ xkpasswd -p wdwd
adjective3solar6
EXAMPLE Specify custom word list / dictionary
$ xkpasswd -wordList myWordList.json
orange.apple.banana
$ xkpasswd -dict myWordList.txt
kiwi-strawberry-grape
EXAMPLE Specify complexity, custom separators and number of passwords
$ xkpasswd -c 3 -s '#!+' -n 5
dog!friend!successful!47
other#sell#close#01
hyperspatial+polyvalences+inquirendo+03
war#reassemble#inventress#93
gainsays+illumes+discontiguity+86
Patterns can consist of any combination of words, digits and separators. The first letters (w, d and s respectively) are used in pattern string provided to the password generation function.
For example:
w
will return a single word (i.e. demographics
). Use w
for lowercase and W
for uppercase.wsd
will return a word and a digit, separated by one of the permitted separators (i.e. storm#7
)wswsdd
will return two words followed by a two digit number, all with separators between (i.e. delates+dissembled+16
)There are 6 complexity levels specified which can be used to provide default patterns as well as trigger additional features, such as alternate casing between words and expanded sets of separators.
Complexity | Pattern | Separators |
---|---|---|
1 | wsw | #.-=+_ |
2 | wswsw | #.-=+_ |
3 | wswswsdd | #.-=+_ |
4 | wswswswsdd | #.-=+_ |
5 | wswswswswsd | #.-=+_!$*:~? |
6 | ddswswswswswsdd | #.-=+_!$*:~?%^&; |
In addition level 6 alternates upper and lower case between words.
v1.0.5
v1.0.4
v1.0.3
v1.0.2
v1.0.1
v1.0.0
FAQs
Memorable password generator
The npm package xkpasswd receives a total of 231 weekly downloads. As such, xkpasswd popularity was classified as not popular.
We found that xkpasswd demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
Research
Security News
The Socket Research team found this npm package includes code for collecting sensitive developer information, including your operating system username, Git username, and Git email.
Security News
OpenJS is warning of social engineering takeovers targeting open source projects after receiving a credible attempt on the foundation.