Stories
Slash Boxes
Comments

All the Perl that's Practical to Extract and Report

use Perl Log In

Log In

[ Create a new account ]

acme (189)

acme
  (email not shown publicly)
http://www.astray.com/
Leon Brocard (aka acme) is an orange-loving Perl eurohacker with many varied contributions to the Perl community, including the GraphViz module on the CPAN. YAPC::Europe was all his fault. He is still looking for a Perl Monger group he can start which begins with the letter 'D'.

Journal of acme (189)

Wednesday April 30, 2008
10:00 AM

Pronounceable passwords

[ #36289 ]

Let's ignore the security aspects and have a fight. In one corner, clkao's Text::Password::Pronounceable. In the other corner, my String::Koremutake:

#!perl
use strict;
use warnings;
use Perl6::Say;
use Text::Password::Pronounceable;
use String::Koremutake;

say "Text::Password::Pronounceable";
foreach ( 1 .. 10 ) {
    my $password = Text::Password::Pronounceable->generate( 6, 10 );
    say "  $password";
}

say "String::Koremutake";
my $k = String::Koremutake->new;
foreach ( 1 .. 10 ) {
    my $s = $k->integer_to_koremutake( int( rand(2_000_000) ) );
    say "  $s";
}

Laaadies and gentlement: the fight begins:

Text::Password::Pronounceable
  dtwlysoto
  bileoire
  metstari
  hisiner
  icaharwet
  thitilos
  hilerith
  ilyome
  weyhow
  ttovihith
String::Koremutake
  kigelu
  hestemi
  jimygy
  teliku
  jynegra
  prydryji
  sitimy
  bronesi
  vonipro
  litisi

And the winner is... I'm not sure. Who won?


List all Journal entries
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

Pronounceable passwords 15 Comments More | Login | Reply /

 Full
 Abbreviated
 Hidden
More | Login | Reply
Loading... please wait.
  • (but have not tried to prove) that using Koremutake is going to lead to it being easier to brute force a password list down the line.
    • Text::Password::Pronounceable wins, simply because I can find it on CPAN by searching for Password via module name. I normally don't do a Search All.
  • And incidentally, "koremutake" is easier to pronounce than "pronounceable".
    • Core-mu-take? Or Co-ray-mu-ta-ki? I don't have to think about "pronounceable". :)
  • Jynegra sounds like a multinational corporation that does something you're not quite sure about. "Jynegra: At the forefront of progress."
    --

    --
    xoa

  • to win is to not play.
  • 10 out of 10 are pronouncable with String::Koremutake 8 out of 10 are pronouncable with Text::Password::Pronounceable

  • The winner is the unix apg (auto password generate) command, simply because it tells you how to pronounce your passwords:

    pjf@teddybear:~$ apg -n10 -m6 -x10 -t
    dyknip (dy-knip)
    FereOw (Fe-re-Ow)
    otAlfig^ (ot-Alf-ig-CIRCUMFLEX)
    tasEms (tas-Ems)
    AtIfRith9 (At-If-Rith-NINE)
    ucGuj+ (uc-Guj-PLUS_SIGN)
    igsyehod0 (igs-ye-hod-ZERO)
    cogwig_ (cog-wig-UNDERSCORE)
    seajaf (seaj-af)
    shoHiujca (sho-Hi-uj-ca)

    If any of the modules provides pronunciation tips (as does apg), then it wins. Otherwise, T::P::Pronounceable

  • In scripts like these it really jumps at me what a silly keyword "say" is. In a script that states that a word is pronounceable, I expect that the script is going to try to say it out loud. And that that is what "say" is doing.

    It's not.
  • I notice you've used String:: while clkao used Text::. For a vaguely similar module I used Encode:: [cpan.org] (and if you go further along the words-and-numbers spectrum you end up, predictably, at Number:: [cpan.org]).

    I have a pipe dream that one day there will be CPAN author round table meetings where similar modules in disparate namespaces will be agreed into consistent groupings. Ah well...

  • I liked your module. And although I'm more a Perl than a Ruby guy, I felt I needed something like this. So... Well, for the love of $DEITY, I cannot find the way to upload the project page [rubyforge.org] to RubyForge (and I've done it, for my other projects there!)... But if you are curious and want to look at how I reimplemented what I saw from you, just clone the Git repository:
    git clone git://rubyforge.org/koremutake.git
    Thanks for a neat idea!
Stories, comments, journals, and other submissions on use Perl; are Copyright 1998-2006, their respective owners.