Slash Boxes
NOTE: use Perl; is on undef hiatus. You can read content, but you can't post it. More info will be forthcoming forthcomingly.

All the Perl that's Practical to Extract and Report

use Perl Log In

Log In

[ Create a new account ]

acme (189)

  (email not shown publicly)

Leon Brocard (aka acme) is an orange-loving Perl eurohacker with many varied contributions to the Perl community, including the GraphViz module on the CPAN. YAPC::Europe was all his fault. He is still looking for a Perl Monger group he can start which begins with the letter 'D'.

Journal of acme (189)

Wednesday April 30, 2008
09:00 AM

Pronounceable passwords

[ #36289 ]

Let's ignore the security aspects and have a fight. In one corner, clkao's Text::Password::Pronounceable. In the other corner, my String::Koremutake:

use strict;
use warnings;
use Perl6::Say;
use Text::Password::Pronounceable;
use String::Koremutake;

say "Text::Password::Pronounceable";
foreach ( 1 .. 10 ) {
    my $password = Text::Password::Pronounceable->generate( 6, 10 );
    say "  $password";

say "String::Koremutake";
my $k = String::Koremutake->new;
foreach ( 1 .. 10 ) {
    my $s = $k->integer_to_koremutake( int( rand(2_000_000) ) );
    say "  $s";

Laaadies and gentlement: the fight begins:


And the winner is... I'm not sure. Who won?

The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
More | Login | Reply
Loading... please wait.
  • (but have not tried to prove) that using Koremutake is going to lead to it being easier to brute force a password list down the line.
    • Text::Password::Pronounceable wins, simply because I can find it on CPAN by searching for Password via module name. I normally don't do a Search All.
  • And incidentally, "koremutake" is easier to pronounce than "pronounceable".
    • Core-mu-take? Or Co-ray-mu-ta-ki? I don't have to think about "pronounceable". :)
  • Jynegra sounds like a multinational corporation that does something you're not quite sure about. "Jynegra: At the forefront of progress."


  • to win is to not play.
  • 10 out of 10 are pronouncable with String::Koremutake 8 out of 10 are pronouncable with Text::Password::Pronounceable
  • The winner is the unix apg (auto password generate) command, simply because it tells you how to pronounce your passwords:

    pjf@teddybear:~$ apg -n10 -m6 -x10 -t
    dyknip (dy-knip)
    FereOw (Fe-re-Ow)
    otAlfig^ (ot-Alf-ig-CIRCUMFLEX)
    tasEms (tas-Ems)
    AtIfRith9 (At-If-Rith-NINE)
    ucGuj+ (uc-Guj-PLUS_SIGN)
    igsyehod0 (igs-ye-hod-ZERO)
    cogwig_ (cog-wig-UNDERSCORE)
    seajaf (seaj-af)
    shoHiujca (sho-Hi-uj-ca)

    If any of the modules provides pronunciation tips (as does apg), then it wins. Otherwise, T::P::Pronounceable

  • In scripts like these it really jumps at me what a silly keyword "say" is. In a script that states that a word is pronounceable, I expect that the script is going to try to say it out loud. And that that is what "say" is doing.

    It's not.
  • I notice you've used String:: while clkao used Text::. For a vaguely similar module I used Encode:: [] (and if you go further along the words-and-numbers spectrum you end up, predictably, at Number:: []).

    I have a pipe dream that one day there will be CPAN author round table meetings where similar modules in disparate namespaces will be agreed into consistent groupings. Ah well...

  • I liked your module. And although I'm more a Perl than a Ruby guy, I felt I needed something like this. So... Well, for the love of $DEITY, I cannot find the way to upload the project page [] to RubyForge (and I've done it, for my other projects there!)... But if you are curious and want to look at how I reimplemented what I saw from you, just clone the Git repository:
    git clone git://
    Thanks for a neat idea!