-
Notifications
You must be signed in to change notification settings - Fork 0
/
MightyTiny_Password_Generator.htm
220 lines (158 loc) · 13.2 KB
/
MightyTiny_Password_Generator.htm
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
<!doctype html>
<!--
INSTALLATION:
a) It is important you try to understand what this code does. It is your assurance, that it does what it says.
b) Download this file.
Go to https://github.com/TopView/MightyTiny_Password_Generator
Click: 'Clone or download', then click 'Download ZIP'
Save the file to your hard disk somewhere and use your unzip tools to uncompress it.
c) Put MightyTiny_Password_Generator.htm (this file) on your hard disk somewhere out of the way,
like in a folder in your documents. You can move it later if you want, if you also update your bookmark (see below).
You can optionally delete the .zip and other files if you want.
d) Browse to MightyTiny_Password_Generator.htm with a url like
file:///YourActualPathToThisFile/MightyTiny_Password_Generator.htm
TIP: Start by entering the url: 'file:///' (without the quotes) and then browse to the file's location and click on it.
e) Bookmark it so it's easy to run again, and put your new bookmark on your bookmarks toolbar so it's easy to click on.
f) Click on your bookmark to open and run it with defaults. Click options to re-run it with new options.
You can edit it (carefully) to change the defaults if you know a little html.
g) For security, be sure to close it when you're done.
Originaly written by Aaron Toponce https://github.com/atoponce.
Minimized to just the bare bones to create good passwords by H Johnson https://github.com/TopView.
Then rewritten again, and further minimized to make it even easier to read and understand this code.
Experts may want to ignore the many comments if they annoy you. They are there for the less skilled to give them a leg up.
The usage license is at: https://github.com/TopView/MightyTiny_Password_Generator/blob/master/LICENSE
-->
<html lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>MightyTiny Password Generator - v0.5</title>
</head>
<body onload="generate_password()">
<h2>MightyTiny Password Generator</h2>
<hr>
<p>Don't let the primitive look of this gadget fool you.
Fancy screen formatting was deliberately left out of this version.</p>
<p>This is built simple, so it's inner workings can be easily inspected.
With minimal technical skill, one can easily look inside and see exactly how it works.</p>
<p>Open-source code + Simplicity = Trustworthness.</p>
<p>The calculations are done inside your web browser and never touch the internet,
not until you hand copy your new generated password to it's target web page.</p>
<p><b>Be safe:</b> Use a different password everywhere you go.
Use passwords with at least 70 bits of entropy.</p>
<hr>
<br><b>1) Select minimum entropy:</b>
<br>
<input onclick="generate_password()" name="desired_entropy" type="radio" value= "55" > 55-bits
<input onclick="generate_password()" name="desired_entropy" type="radio" value= "60" > 60-bits
<input onclick="generate_password()" name="desired_entropy" type="radio" value= "65" > 65-bits
<input onclick="generate_password()" name="desired_entropy" type="radio" value= "70" checked > 70-bits
<input onclick="generate_password()" name="desired_entropy" type="radio" value= "75" > 75-bits
<input onclick="generate_password()" name="desired_entropy" type="radio" value= "80" > 80-bits
<input onclick="generate_password()" name="desired_entropy" type="radio" value="128" >128-bits
<br><small><i>(More bits = more security. 70-bits is the recommended minimum.)</i></small>
<br>
<br><b>2) Select an output format:</b>
<select>
<option onclick="generate_password()" name="desired_format" selected="selected" >Base-94 </option>
<option onclick="generate_password()" name="desired_format" >Base-85 </option>
<option onclick="generate_password()" name="desired_format" >Base-64 (+/) </option>
<option onclick="generate_password()" name="desired_format" >Base-64 (-_) </option>
<option onclick="generate_password()" name="desired_format" >Base-62 </option>
<option onclick="generate_password()" name="desired_format" >Base-58 (Bitcoin) </option>
<option onclick="generate_password()" name="desired_format" >Base-52 </option>
<option onclick="generate_password()" name="desired_format" >Base-36 </option>
<option onclick="generate_password()" name="desired_format" >Base-32 </option>
<option onclick="generate_password()" name="desired_format" >Base-26 </option>
<option onclick="generate_password()" name="desired_format" >Base-16 </option>
<option onclick="generate_password()" name="desired_format" >Base-10 </option>
<option onclick="generate_password()" name="desired_format" >Base-8 </option>
<option onclick="generate_password()" name="desired_format" >Base-2 </option>
<option onclick="generate_password()" name="desired_format" >Coin Flips </option>
<option onclick="generate_password()" name="desired_format" >DNA Sequence </option>
</select>
<br><small>(All output formats deliver aproximately the same password strength.)</small>
<br>
<br><b>3) </b>
<button onclick="generate_password()">Click here to generate a new password</button>
<br>
<br><b>4) Your new password is:</b>
<br>
<br> <span id="computed-password" ></span>
<br>
<br><small>(<span id="computed-password-length"></span> characters wide,
<span id="computed-entropy-length" ></span> bits of entropy)</small>
<br>
<br>
<br><b>5) Once you copy your password, close this page.</b>
<script type="text/javascript">
//=====================================================================================================
// -- 32-bit wide random number lower bound, needed by the random_character_set_index function below.
// We only need to compute it once for any given password output format.
function lower_32bit_bound( charSetLength ) {
charSetLength >>>= 0; // ensure `charSetLength' is a 32-bit integer
// (for next operation); it should already be.
var remainder = (-charSetLength >>> 0) % charSetLength; // This lower_bound is important when generating the random
// character indexes below. It is needed to make sure the
// remainder calcaulation from the large random number is
// balanced equally for all indexed characters. Without it
// some characters could have a slight probability of being
// selected more than others. It sets the random number
// range between `min' and 2**32. The execution order is:
//
// negateLen
// --> shift zero to convert to 32 bits
// --> then return only the remainder
// finally return remainder
}
// --- Uniform, unbiased, secure, random index generator
function random_character_set_index( lower_32bit_bound, charSetLength ) {
const my_crypto = window.crypto || window.msCrypto; // get cryptographic methods (depends on browser, e.g. Firefox)
var rand_array = new Uint32Array(1); // create working array for getRandomValues to use below
// Get 32 bit random num. Assure it's between min (a small int rounding error) & 2**32
do {my_crypto.getRandomValues(rand_array);} while (rand_array[0] < lower_32bit_bound);
return rand_array[0] % charSetLength; // turn this larger number into a small index by getting only the remainder
}
// --- Get the user input, lookup the appropriate character set, and call the password creator
function generate_password() {
// selected password output format (via pull down)
var option = document.querySelector('option[name="desired_format"]:checked').value;
var charSet = ''; // place for string of allowable characters in password
// - From the selected format return the appropriate string of allowable characters
if (option == "Base-94" ) { for (i=0; i<94; i++) charSet += String.fromCharCode(33+i); } // lBound=42
else if (option == "Base-85" ) { charSet = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!#$%&()*+-;<=>?@^_`{|}~"; } // lBound= 1
else if (option == "Base-64 (+/)" ) { charSet = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789+/"; } // lBound= 0
else if (option == "Base-64 (-_)" ) { charSet = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-_"; } // lBound= 0
else if (option == "Base-62" ) { charSet = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"; } // lBound= 4
else if (option == "Base-58 (Bitcoin)" ) { charSet = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"; } // lBound=16
else if (option == "Base-52" ) { charSet = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"; } // lBound=48
else if (option == "Base-36" ) { charSet = "0123456789abcdefghijklmnopqrstuvwxyz"; } // lBound= 4
else if (option == "Base-32" ) { charSet = "0123456789abcdefghjkmnpqrstvwxyz"; } // lBound= 0
else if (option == "Base-26" ) { charSet = "abcdefghijklmnopqrstuvwxyz"; } // lBound=22
else if (option == "Base-16" ) { charSet = "0123456789abcdef"; } // lBound= 0
else if (option == "Base-10" ) { charSet = "0123456789"; } // lBound= 6
else if (option == "Base-8" ) { charSet = "01234567"; } // lBound= 0
else if (option == "Base-2" ) { charSet = "01"; } // lBound= 0
else if (option == "DNA Sequence" ) { charSet = "ACGT"; } // lBound= 0
else if (option == "Coin Flips" ) { charSet = "HT"; } // lBound= 0
// - Get the number of of entropy bits the user selected, e.g. 70
var desired_entropy = parseInt(document.querySelector('input[name="desired_entropy"]:checked').value);
// - Steps to compute the password
// Find the resulting password width (in characters) we must generate
// = RoundUp of ( Total bits needed / #bits per character )
var PasswordWidth = Math.ceil(desired_entropy/Math.log2(charSet.length));
// Now create the new password string by concatinating random characters one by one
// using the random index into the selected character set
var Password = "";
for(i=PasswordWidth; i--;) {
Password += charSet[random_character_set_index( lower_32bit_bound(charSet.length), charSet.length )];
}
// And insert the computed values into the html page (above) for display to the user
document.getElementById('computed-password' ).innerText = Password;
document.getElementById('computed-password-length' ).innerHTML = PasswordWidth;
document.getElementById('computed-entropy-length' ).innerHTML = Math.floor(PasswordWidth * Math.log2(charSet.length));
// Note: The resulting # of bits reported might be a little more than the minimum requested.
}
//=====================================================================================================
</script>
</body>
</html>