A codesections project | Source available on GitHub or GitLab
pass-gen is a command-line utility that generates secure, pronounceable passphrases which can be used on their own, copied to a GUI password manager, or piped directly into a password manager that accepts standard input.
Password security is important. But imagine you need to log into your email account from a computer at the library. Which password would you rather type in:
skirt?UNSTEADY?legend?SUPERJET?livable?DINGBAT?507? What if I told you that the second one is just as secure as the first?
Anytime you might need to type in a password, or read a password out to someone else, or use a password on a device that doesn't have your password manager installed—that is, anytime at all—you would be better off using a securely generated passphrase.
Of course, that doesn't mean that you shouldn't use a password manager for those times when you don't need to type your password in. So, ideally you'd want a password generator that plays well with your password manager. In the Unix tradition, the best way for one tool to play well with another is to produce plain-text standard output.
pass-gen does exactly that. Use it to generate secure, pronounceable passphrases and then pipe them on to any other tool that accepts standard input.
To install pass-gen, run the following command in your terminal:
git clone https://gitlab.com/codesections/pass-gen.git && \ cd pass-gen && \ sudo make install
If you ever need to uninstall, run the following command from the pass-gen directory:
sudo make uninstall
See the manual page for full details (after installing pass-gen, run
man pass-gen) or run
pass-gen --help for shorter information.
$ pass-gen Generated passphrase copied to clipboard. Will clear in 45 seconds.
$ pass-gen -e Generated passphrase copied to clipboard. Will clear in 45 seconds. OUTTHINK-barman-AFTERMOST-liqueur-LANDLORD-jovial-134
$ pass-gen --padding-before 2 --padding-after 1 --length 7 -e Generated passphrase copied to clipboard. Will clear in 45 seconds. 34OUTBREAK^caucus^PROBLEM^attempt^CARLESS^outsell^CORRECT^8
Usage with pass, the standard Unix password manager:
$ pass-gen -e | pass add -e USERNAME Generated passphrase copied to clipboard. Will clear in 45 seconds. [master 8563f73] Add given password for USERNAME to store. 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 USERNAME.gpg
If you do not wish to pass command-line options to pass-gen, you may optionally create a ~/.passgenrc file to specify default values different from the built-in defaults.
Example ~/.passgenrc configuration file;
word-list=~/pass-gen/wordlists/Beale_wordlist echo-password padding-after=1 padding-before=1 character-list=~/pass-gen/character-lists/ASCII_symbol_list
There are many alternative passphrase generators. I believe they all have some issues, which is why I wrote pass-gen. However, in the interest of full disclosure, I list them all below.
pass-gen is under active development and would welcome new contributors. pass-gen is currently co-hosted on both GitLab and GitHub, so please feel free to file issues, make pull requests, or otherwise contribute through either site. Also feel free to submit bug reports or patches via email, either to firstname.lastname@example.org or to email@example.com.