npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

xkcd-password

v2.0.0

Published

Creates an XKCD-style password based on your parameters. Includes a CLI (xkcd-password) for your convenience, and a default wordlist. Supports both a callback-based API and Promises/A+.

Downloads

170

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

fardogfardog

Keywords

passwordxkcdwordsrandom

Readme

XKCD Password Generator

Build Status Dependency Status

Creates an XKCD-style password based on your parameters. Includes a CLI (xkcd-password) for your convenience, and a default wordlist. Supports both a callback-based API and Promises/A+.

Warning: I am not a cryptographer, or any sort of password expert. An audit would be greatly appreciated.

Installation

To install the module for use in your projects:

npm install xkcd-password

Or a global install to get the commandline client:

npm install xkcd-password -g

This will make the xkcd-password command available on your path.

Usage

This can be used both as a module in another application, or when installed globally, via a commandline application.

CLI

$ xkcd-password --help

Usage: xkcd-password [options]

Options:
   -n, --numWords    The number of words to generate for your password.  [4]
   -m, --minLength   Minimum lengh of words chosen for the generated password.  [5]
   -x, --maxLength   Maximum length of words chosen for the generated password.  [8]
   -f, --wordFile    The newline-delimited list of words to be used as the source.
   -s, --separator   The separator character to use between words when output to the console.  [ ]
   --version         print version and exit

Module

var xkcdPassword = require('xkcd-password')
var pw = new xkcdPassword()

var options = {
  numWords: 4,
  minLength: 5,
  maxLength: 8
}

// using callbacks
pw.generate(options, function (err, result) {
  console.log(result)  // ['distome', 'pantries', 'sending', 'weiner']
})


// or, with promises
pw.generate(options).then(function (result) {
  console.log(result) // [ 'crambo', 'piled', 'procural', 'plunk' ]
}).catch(function(err) {
  if (!err) {
    console.log('No errors here!')
  }
})

Environment Variables

  • DISABLE_LOOP_PREVENTION
    It's possible for you to ask for a very specific list of words—say, 100 two character passwords—which would fail if you didn't have enough words of that size, but your wordlist was big enough—say 1000 words. As such, loop prevention was added in v1.1.0. If you'd like to disable this prevention, set DISABLE_LOOP_PREVENTION to a truth-y value.

Notes

  • The CLI will set the minimum word length to 1 if the maximum word length requested is below the default minimum word length (5), and the minimum is not set. This is as of version 1.2.0. This is to simplify asking for very small words from the CLI. This does not apply to using the module in your applications, just the CLI.

Known Bugs

  • Trying to generate more a large number of words in a single generate() call may overflow the call stack. You'll usually be fine up to 2500 words though so it's not much of a problem.

Contributing

Feel free to send pull requests! I'm not picky, but would like the following:

  1. Write tests for any new features, and do not break existing tests.
  2. Be sure to point out any changes that break API.

History

  • v2.0.0
    Update all dependencies and require Node.js 4 and above. — @cabbiepete
    Updates to standard style. — @fardog
    Move tests to tape. — @fardog
    Allow use without the new keyword. — @fardog

  • v1.2.0
    Replaces nomnom with minimist, and adds a custom validator for CLI options.

  • v1.1.1
    Updates dependencies and internal documentation. Adds dependency badge.

  • v1.1.0
    Doesn't use promises unless you haven't specified a callback. Prevents the generator from entering an infinite loop. Adds additional checks on minimum and maximum word length options.

  • v1.0.0
    API now supports Promises as well as callbacks.

  • v0.2.7
    Updates to the latest version of random-lib and debug.

  • v0.2.6
    Updates to the latest version of async, so that xkcd-password and random-lib use the same version.

  • v0.2.5
    Additional tests.

  • v0.2.4
    Avoids releasing Zalgo on errors.

  • v0.2.3
    Smarter rewrite of word generation function based on additional functionality that random-lib provides. Additional tests.

  • v0.2.2
    Now uses my random-lib wrapper for crypto.randomBytes().

  • v0.2.1
    Now uses Node's crypto.randomBytes() for its PRNG, rather than Math.random() in most cases.

  • v0.2.0
    Changes generation function to accept an "options" object rather than discrete parameters to the generate function. Provides defaults if options aren't given.

The MIT License (MIT)

Copyright (c) 2014 Nathan Wittstock

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

Grady Ward's Moby

This project includes a wordlist taken from Grady Ward's Moby II, a list of words that has been placed in the public domain.

License

The Moby lexicon project is complete and has been place into the public domain. Use, sell, rework, excerpt and use in any way on any platform.

Placing this material on internal or public servers is also encouraged. The compiler is not aware of any export restrictions so freely distribute world-wide.

You can verify the public domain status by contacting

Grady Ward 3449 Martha Ct. Arcata, CA 95521-4884