npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

secure-pin

v1.0.14

Published

A cryptographically secure pin code generator with string support

Downloads

9,852

Readme

A simple and cryptographically secure way to generate PIN codes and Strings. Has no dependencies and includes Typescript definitions.

GitHub stars Build Status codecov npm Beerpay Beerpay Homepage

Installation

From NPM

npm install secure-pin

Typescript

import * as securePin from "secure-pin";

Javascript

var securePin = require("secure-pin");

Generate PIN

Signature

securePin.generatePin(length : number, callback: (pin: string) => void);
  • The length can be any number > 0

Example

securePin.generatePin(4, (pin)=> {
    console.log("Pin: " + pin);
})

Returns

Pin: 1234

Synchronously

You can also generate a pin synchronously with generatePinSync

var pin = securePin.generatePinSync(4);

Generate Numbers

Methods also exist to securely generate numbers within a given range

Async

securePin.generateInt(0, 100, function(int) {
    console.log(int);
});

Synchronously

var int = securePin.generateIntSync(0, 100);
console.log(int);

Generate String

In order to generate a string, first you must create a character set. This can either be an array of characters, or the built-in CharSet class

var charSet = new securePin.CharSet();

Then, you need to add characters to the set. The class has a couple functions to add basic characters, as well as some extra functions.

  • addLowerCaseAlpha() Adds the characters a-z to the set. Returns the CharSet.
  • addUpperCaseAlpha() Adds the characters A-Z to the set. Returns the CharSet.
  • addNumeric() Adds the characters 0-9 to the set. Returns the CharSet.
  • addSpecialCharacters() Adds the characters !"#$%&'()*+,-./:;<=>?@[\]^_\{|}~. Returns the CharSet.
  • addCharacter( char ) Adds the specified characters to the set. Can be either a, abc, or ["a", "b", "c"]. Returns the CharSet.
  • randomize() Randomizes the characters in the set, providing greater entropy. Returns the CharSet.
  • removeChar( char ) Removes the specified characters from the set. Can be either a, abc, or ["a", "b", "c"]. Returns the CharSet.

Example

var charSet = new securePin.CharSet();
charSet.addLowerCaseAlpha().addUpperCaseAlpha().removeChar("aA").randomize();

Once you have your CharSet created, pass it along to the string generator and generate a string!

var charSet = ...
...
securePin.generateString(15, charSet, function(str) {
	console.log(str);
});

Synchronous Example

var charSet = ...
...
var str = securePin.generateStringSync(15, charSet);
console.log(str);

Default CharSet

A default character set is also exported, it contains both upper and lower case letters, as well as numeric characters.

securePin.generateString(15, securePin.defaultCharset, (str)=>{
    console.log(str);
})

PIN Entropy

Secure-Pin uses a cryptographically secure method of generating pins, ensuring a high amount of entropy

Entropy Graph

Above is a graph of 100,000 randomly generated 4 Digit PINs, with an even distribution across the graph.

The X-Axis represents the PIN number/1000.0f, the Y-Axis represents the amount of times the PIN was generated during the 100,000 cycle.

String Entropy

String generation uses the same cryptographically secure routines as the PIN generation. The result is a secure string generator with a very low collision rate.

Below is a sample of a 5 character alphanumeric string, with both upper and lowercase letters.

Collision | Generation | Collided String
----------|------------|----------------
1         | 36368      | V81w4
2         | 64478      | TfYqX
3         | 66830      | kNtBL
4         | 81599      | c5MQH
5         | 86058      | neddv
6         | 88481      | MqHq6
7         | 92785      | wVMep
8         | 94769      | y0uNQ
9         | 94896      | bUERh
10        | 94941      | vKBY7
...
290       | 671944     | JpYhU
291       | 672343     | aLL0D
292       | 674242     | TNnj4
293       | 674632     | Tv9Xp
294       | 674796     | 7dFX6
295       | 675841     | R3weS
296       | 677368     | mwftq
297       | 677385     | O3Lmf
298       | 677507     | 2bOwb
299       | 677818     | 4xQEL
300       | 678343     | KhNZW

At the start of the generation, the first collision only occurs after 36,368 strings are generated. As we move later on in the generation we see that the collisions happen more frequently. This is to be expected, as we're only using a 5 character string.

10 Character string

Let's increase the string size to 10 characters and see what happens.

Collision | Generation | Collided String | Collision Chance
----------|------------|-----------------|-----------------
2796203 Collisions: 0
<--- Last few GCs --->

[25568:0000014404C51BE0]   355188 ms: Mark-sweep 1063.7 (1200.0) -> 1063.6 (1200.0) MB, 2444.7 / 0.0 ms  allocation failure GC in old space requested

Oh, we ran out of memory. Apparently we managed to generate 2,796,203 strings without a single collision!