Skip to content

Instantly share code, notes, and snippets.

@alexmojaki
Last active January 2, 2022 19:58
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
Star You must be signed in to star a gist
Save alexmojaki/65f2db74871355d84dc599a2cd333dca to your computer and use it in GitHub Desktop.
Mini xkcd password generator
#!/usr/bin/env python
import random
from urllib.request import urlopen
lines = urlopen(
"https://raw.githubusercontent.com/first20hours/google-10000-english/master/google-10000-english-no-swears.txt"
)
words = list({
line.decode("utf8").strip()
for line in lines
if len(line) > 6
})
print("Unique words:", len(words))
print("Possible passwords ~", len(words) ** 4)
for i in range(20):
print("".join(random.sample(words, 4)))
@alexmojaki
Copy link
Author

The idea here is to generate passwords securely offline with so little code that it's easy to read and trust.

@overwatcheddude
Copy link

How random is "random.sample"?

@alexmojaki
Copy link
Author

It's not 'cryptographically secure' random, but I'm assuming (perhaps wrongly) that it doesn't matter since this is for a local script, not a web application or something, so there should be no way for an attacker to get information about the state of the random number generator. Or if they do, you probably have bigger things to worry about.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment