3 comments

[ 3.0 ms ] story [ 14.1 ms ] thread
Library here: https://github.com/passhelp/passhelp (accessible via footer as well)

Basically, I got tired of googling for "password generator" and getting garbage results. "Garbage" meaning the password generator had billions of options, generated things server-side, was super opaque, etc.

I feel like this is as simple as it gets, from a usability standpoint and from a code standpoint. The source is small and auditable (e.g., here's the RNG which is backed by WebCrypto/'crypto' in node: https://github.com/passhelp/passhelp/blob/master/src/random/...)

It was interesting to look a the strongest case and think "that's got way too many symbols" and then step back and realize that randomly distributing characters across the entire range of my keyboard would probably have more symbols and numbers than what I think looks random.

Anyway, I'm glad the source is available since having a website generate passwords sort of defeats the idea of not winding up in a rainbow table.

Curious, in part because I did not look at the source, if PassHelp selects based on the user's character set.

Heh, I always think that about symbols as well.

It doesn't currently do anything smart with your character set; right now it uses characters you'd find on a US keyboard. That is something I'd like to look into.