-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathindex.html
87 lines (78 loc) · 4.63 KB
/
index.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
<!DOCTYPE html>
<html>
<head>
<meta charset='utf-8'>
<meta http-equiv="Content-Security-Policy" content="default-src 'self'; frame-src 'none';">
<meta http-equiv="X-UA-Compatible" content="chrome=1">
<meta name="description" content="Secure multi-word passphrases generated in your browser">
<link rel="stylesheet" type="text/css" media="screen" href="stylesheets/stylesheet.css">
<meta name="viewport" content="width=device-width, initial-scale=1">
<script type="text/javascript" src="javascripts/wordlists.js"></script>
<script type="text/javascript" src="javascripts/crypto_random_generator.js"></script>
<script type="text/javascript" src="javascripts/passphrase_generator.js"></script>
<script type="text/javascript" src="javascripts/main.js"></script>
<title>Passphrase Generator</title>
</head>
<body>
<!-- HEADER -->
<div id="header_wrap" class="outer">
<header class="inner">
<a id="forkme_banner" href="https://github.com/danstiner/password-generator">View on GitHub</a>
<h1 id="project_title">Passphrase Generator</h1>
<h2 id="project_tagline">Secure multi-word passphrases generated in your browser</h2>
</header>
</div>
<!-- MAIN CONTENT -->
<div id="main_content_wrap" class="outer">
<section id="main_content" class="inner">
<p>
This phrase consists of
<span class="dropdown">
<span id="passphrase_generation_symbol_count" class="text-decoration-underline-dotted">four</span>
<span class="dropdown-content" id="passphrase_generation_symbol_counts">
<a href="#" data-value=4>four</a>
<a href="#" data-value=5>five</a>
<a href="#" data-value=6>six</a>
</span>
</span>
random words in a phrase. It should be easy to remember but hard to guess, making it a good password.
</p>
<div class="passphrase_block">
<span><span id="generated_passphrase"></span><br>
<span>
<span id="time_to_guess_offline" data-rate=10000000000></span>
<span>at ten billion guesses/sec</span>
</span><br>
<span id="generated_passphrase_entropy"></span><br>
<span id="passphrase_generation_error" class="alert alert-danger"></span>
</div>
<br>
<div id="comic">
<span>Inspired by the following <a href="https://xkcd.com">xkcd</a> comic strip:</span>
<a href="https://xkcd.com/936/">
<img class="containwidth" src="images/password_strength.png" title="To anyone who understands information theory and security and is in an infuriating argument with someone who does not (possibly involving mixed case), I sincerely apologize." alt="Password Strength">
</a>
</div>
<p>
<h2>More information</h2>
<ul>
<li>Check if your existing passwords have been compromised at <a href="https://haveibeenpwned.com/">haveibeenpwned.com</a></li>
<li>All computation is done locally in your browser using javascript, no passphrase data is sent or received from any server</li>
<li>The randomness comes from the cryptographically secure <a href="https://developer.mozilla.org/en-US/docs/Web/API/RandomSource/getRandomValues">getRandomValues</a> function</li>
<li>Time to guess estimate assumes offline cracking a weak hash of the passphrase at ten billion guesses per second. This is conservative, but is plausible given how often password data breaches happen and the doubling of computer speed each year.</li>
<li>Common word list contains 2075 words, derived from the <a href="https://github.com/danielmiessler/SecLists/tree/gmaster/Passwords">10,000 most common passwords</a> which were words in <a href="http://wordlist.aspell.net/12dicts-readme/#223cmn">a dictionary</a> but not <a href="http://www.bannedwordlist.com/">swear words</a> or proper nouns.</li>
<li>View the <a href="https://github.com/danstiner/password-generator">source code on GitHub</a>. It is purposefully simple to allow easy verification.</li>
<li>Donations accepted via Bitcoin: <a href="bitcoin:1FZcTQUjxDhnbA658GuoLEzqTan9VtiUP8">1FZcTQUjxDhnbA658GuoLEzqTan9VtiUP8</a></li>
</ul>
</p>
</section>
</div>
<!-- FOOTER -->
<div id="footer_wrap" class="outer">
<footer class="inner">
<p class="copyright">Passphrase Generator maintained by <a href="//danielstiner.com">Daniel Stiner</a></p>
<p>Published with <a href="https://pages.github.com">GitHub Pages</a></p>
</footer>
</div>
</body>
</html>