anyhotpass-lib

AnyHotPass is a password library that produces passwords similar to the Safari suggested password feature on iOS devices.
It also borrows ideas from [SuperGenPass][sgp] that generates password for a website from a master password and the domain
of the site. This allows the user to have a unique password for every website, while still only having to remember the one
master password.

NPM module

shell

npm install anyhotpass-lib







Usage

javascript

import generate from 'anyhotpass-lib';



// A string containing the user's master password.

const masterPassword = 'master-password';



// Domain of the site password is generated for

const domain = 'example.com';



// Length of the password. This does not include the dashes every 6 characters, Total length for 18 characters is 20.

const length = 18;



// Generate the password.

const password = generate(masterPassword, domain, length);





Password format



AnyHotPass tries to replicate the password format of the suggested passwords generated by Safari in iOS. Some examples of passwords are:



jixnic-6kehte-Nitryx

cavzep-haxNic-5bymxe

nihvit-3visde-Tyqvet

Lexbos-womnur-tegde1





These passwords are attractive because they resemble words, and are almost pronouncable. 



The password rules I have observed from studying iOS generate passwords are:



1. There are groups of 3 characters (trigraphs) consisting of a consonant, vowel (plus y) and consonant

2. Pairs of trigraphs are then separated by dashes

3. iOS suggested passwords are 20 characters long, including the dashes

4. One uppercase letter

5. Uppercase letter can occur anywhere (see rule 10)

6. One number

7. The password cannot start with a number

8. The number can be at the start of a 6 character group, shifting the other characters forward meaning the group will end in a vowel

9. The number can also occur at the end of a 6 character group, replacing the final consonant.

10. The number and uppercase letter cannot be in the same 6 character group

11. The following letters are not allowed:

['O', 'l', 'L']





I have adhered to the rules above except that I am allowing

'L'

.



Tests



Run

npm test or simply jest`

Dependencies and license

Hash functions are provided by [crypto-js][crypto-js]. All original code is
released under the [GPLv2][gplv2].

Thanks

This library relies heavily on the ideas behind [SuperGenPass][sgp].

[sgp]: https://chriszarate.github.io/supergenpass/
[crypto-js]: https://www.npmjs.org/package/crypto-js
[gplv2]: http://www.gnu.org/licenses/gpl-2.0.html

NPM module

shell
npm install anyhotpass-lib

Usage

javascript
import generate from 'anyhotpass-lib';

// A string containing the user's master password.
const masterPassword = 'master-password';

// Domain of the site password is generated for
const domain = 'example.com';

// Length of the password. This does not include the dashes every 6 characters, Total length for 18 characters is 20.
const length = 18;

// Generate the password.
const password = generate(masterPassword, domain, length);

Password format

AnyHotPass tries to replicate the password format of the suggested passwords generated by Safari in iOS. Some examples of passwords are:

jixnic-6kehte-Nitryx
cavzep-haxNic-5bymxe
nihvit-3visde-Tyqvet
Lexbos-womnur-tegde1

These passwords are attractive because they resemble words, and are almost pronouncable.

The password rules I have observed from studying iOS generate passwords are:

1. There are groups of 3 characters (trigraphs) consisting of a consonant, vowel (plus y) and consonant
2. Pairs of trigraphs are then separated by dashes
3. iOS suggested passwords are 20 characters long, including the dashes
4. One uppercase letter
5. Uppercase letter can occur anywhere (see rule 10)
6. One number
7. The password cannot start with a number
8. The number can be at the start of a 6 character group, shifting the other characters forward meaning the group will end in a vowel
9. The number can also occur at the end of a 6 character group, replacing the final consonant.
10. The number and uppercase letter cannot be in the same 6 character group
11. The following letters are not allowed:

I have adhered to the rules above except that I am allowing

Tests

Run

or simply