A bad password generator for bad websites with bad password policies

rpdelaney/dumbpw

dumbpw

To create and remember passwords for online services, the best practice for most folks online is to use a password management tool such as Bitwarden to generate long, cryptographically random passwords. Then, a very strong passphrase is used to lock the password manager.

Unfortunately, in a misguided attempt to encourage users to choose better passwords, many websites and apps enforce restrictive password policies. These policies inhibit users from using cryptographically random password generators: a long, high-entropy password is more likely to violate such rules, which means a security-savvy user may have to attempt several "random" passwords before one is accepted. This punishes users who are trying to follow best practices.

Enter dumbpw. dumbpw allows you to configure a set of rules, and then it will generate a cryptographically secure password that conforms to those dumb rules.

If all you need is a password generator, you should not use this.

Installation

uv tool install dumbpw

Usage

$ dumbpw --help
Usage: dumbpw [OPTIONS] LENGTH

Generate a secure password conforming to dumb rules.

Options:
--version                       Show the version and exit.
--min-uppercase INTEGER         The minimum number of uppercase characters.
                                [default: 1]
--min-lowercase INTEGER         The minimum number of lowercase characters.
                                [default: 1]
--min-digits INTEGER            The minimum number of digit characters.
                                [default: 1]
--min-specials INTEGER          The minimum number of special characters.
                                [default: 0]
--blocklist TEXT                Characters that may not be in the password.
                                [default: '";]
--allow-repeating / --reject-repeating
                                Allow or reject repeating characters in the
                                password.  [default: reject-repeating]
--specials TEXT                 Non-alphanumeric characters that may be in
                                the password. Pass '-' to read from standard
                                input.
--help                          Show this message and exit.
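
One way to satisfy rules like these without weakening the randomness, as an added example that is not dumbpw's own code: draw every character with the OS CSPRNG and discard whole candidates until one conforms. The function names are hypothetical, and "repeating" is assumed here to mean adjacent identical characters.

```python
import secrets
import string


def allowed_classes(specials="", blocklist="'\";"):
    """Return each character class with blocklisted characters removed."""
    classes = {
        "upper": string.ascii_uppercase,
        "lower": string.ascii_lowercase,
        "digit": string.digits,
        "special": specials,
    }
    return {k: "".join(c for c in v if c not in blocklist)
            for k, v in classes.items()}


def conforms(pw, classes, minimums, allow_repeating):
    """Check per-class minimums and (assumed meaning) no adjacent repeats."""
    for name, need in minimums.items():
        if sum(ch in classes[name] for ch in pw) < need:
            return False
    if not allow_repeating and any(a == b for a, b in zip(pw, pw[1:])):
        return False
    return True


def generate(length, min_upper=1, min_lower=1, min_digits=1, min_specials=0,
             specials="", blocklist="'\";", allow_repeating=False,
             max_tries=100_000):
    classes = allowed_classes(specials, blocklist)
    minimums = {"upper": min_upper, "lower": min_lower,
                "digit": min_digits, "special": min_specials}
    # Fail fast on rule sets that no password can satisfy.
    if sum(minimums.values()) > length:
        raise ValueError("minimum counts exceed the requested length")
    for name, need in minimums.items():
        if need > 0 and not classes[name]:
            raise ValueError(f"no usable {name} characters after blocklist")
    # Deduplicate so no character is more likely than another.
    alphabet = "".join(sorted(set("".join(classes.values()))))
    # Rejection sampling: candidates are drawn uniformly and discarded until
    # one passes, so the result is uniform over all conforming passwords.
    for _ in range(max_tries):
        pw = "".join(secrets.choice(alphabet) for _ in range(length))
        if conforms(pw, classes, minimums, allow_repeating):
            return pw
    raise RuntimeError("rules too restrictive for rejection sampling")
```

Every rule shrinks the set of acceptable passwords, which is why the defaults of a plain generator are preferable when a site allows them.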

⚠️ Caveats

  • The author is neither a cryptographer, nor a security expert. There has been no formal, independent, external security review of this software. As explained in the LICENSE, the author assumes no responsibility or liability for your use of this software.

Related tools

Development

To install development dependencies, you will need uv and pre-commit.

pre-commit install --install-hooks
uv sync

direnv is optional, but recommended for convenience.
