Simple GUI program to generate random passphrases out of dictionaries in various languages. These passphrases are both easier to remember and stronger than most classical passwords composed of alphanumeric and special characters. Sample screenshot:
Currently Polish and English dictionaries are included. They are built into the binary, so there is no installer, no configuration files etc. To use, just download and run.
The file is digitally signed (spg.exe.sig). The signature is in OpenPGP format and can be verified using my PGP public key.
Usage
In one run 20 passphrases are generated so that you can choose one that looks best for you. Random separators between words are used to further strengthen these passphrases against bruteforce attacks. Sample passphrases:
Selma-Gybe-Lane-Intake Award!Lang!Gross!Lift Castor=Harms=Wound=Yacc
Security
With passphrase lengths ranging from 19 to 27 characters classic bruteforce attacks are unfeasible. The only feasible attack is dictionary attack trying all combinations (
Read this article for a more in-depth analysis: Effect of Grammar on Security of Long Passwords (or more popular discussion Want Stronger Passwords? Try Bad Grammar).
Crypto details
This program fully relies on Windows Cryptographic API (CryptGenRandom) to generate passhprase. It does not implement any proprietary algorithms. On startup, it will try to load strongest cryptographic provider available in host operating system (and will accept only PROV_RSA_AES or PROV_RSA_FULL).
If you see an error similiar to this then your operating system is too old to provide enough high-quality pseudorandom data and the program simply won’t run:
After random number generator is initialised, random words are selected from dictionary. The program uses “simple discard method” from NIST SP800-90 (B.5.1.1) to convert random bits to an integer number used to index the dictionary.
Source code
Source code is now hosted on GitHub: kravietz/secure-passphrase-generator.
It should compile both with Visual C/C++ and MinGW and work flawlessly on most Windows XP, Vista and 7 systems.