Here are some ideas about enhancing Bitwarden’s Passphrase Generator to increase the entropy of passphrases AND make them a bit more resistant to dictionary attacks and any patterns that are currently present. I hope that the resulting passphrases are still easy enough to remember for humans.
I have numbered the options for generating passphrases so that options 1 and 2 are the options in the generator at present. I don’t consider the selection of the number of words to be a true “option” because a minimum of 3 is mandatory, but I at least gave it a digit in the list as “0”.
0. Select the number of words
1. Current Option: Capitalize
2. Current Option: Include number
3. New Option “Add Salt” adds a randomly generated 4 to 6 character hexadecimal value to a passphrase, with randomized (a) ALL UPPERCASE or (b) all lowercase for the alpha digits. The salt is randomly placed among the words in the passphrase.
4. New Option to capitalize (b) one randomly selected letter in every word, or (c) one single randomly selected letter among all words, or (d) one randomly selected entire word, not just (a) the first letter in each word. Actually, I think it would be fine if this option 4 were just variants of the current Capitalize option.
5. Enhance the word list to include non-English words; the more obscure the languages the better.
In a demonstration of how these options would work, here are the results from a 4-word passphrase…
- No options selected for a 4-word passphrase: depose.revenge.debating.configure
- Only option 1 selected: Depose.Revenge.Debating.Configure
- Only option 2 selected: depose.revenge.debating.configure1
- Both options 1 AND 2 selected: Depose.Revenge.Debating.Configure1
- Only New option 3a selected: depose.revenge.debating.A254F5.configure
- Only New option 3b selected: depose.revenge.debating.a254f5.configure
- Only New option 4b selected: dEpose.reVenge.debatIng.configuRe
- Only New option 4c selected: depoSe.revenge.debating.configure
- Only New option 4d selected: depose.REVENGE.debating.configure
- Options 1 AND 2 AND 3a selected: Depose.Revenge.Debating.A254F5.Configure1
- Options 2 AND 3a AND 4a selected: Depose.Revenge.Debating.A254F5.Configure1
- Options 2 AND 3a AND 4b selected: depOse.revenGe.dEbating.A254F5.conFigure1
- Options 2 AND 3a AND 4c selected: depose.reveNge.debating.A254F5.configure1
- Options 2 AND 3a AND 4d selected: depose.REVENGE.debating.A254F5.configure1
It seems that a combination of options 1, 2, and 3 or 2, 3, and 4 ensures the greatest number of permutations. I would always include option 2 because option 3 “Add Salt” does not absolutely guarantee the inclusion of numbers in the salt value.
Thoughts, anyone?
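As an added illustration (this is not Bitwarden's code and not part of the post above): a small Python model of the proposed options, with a function that reports how many bits of entropy the word draw and each option contribute. It assumes a tiny constructed word list in place of the real one, that the "Include number" option appends one decimal digit to a randomly chosen word, and that the salt is inserted into one of the gaps between two words; the names `generate`, `option_bits` and the `cap_mode` values are invented here.

```python
"""Model of the proposed passphrase options (added example, not Bitwarden's code)."""
import math
import random
import string

# Constructed stand-in word list; the real generator draws from thousands of words.
WORDS = ["depose", "revenge", "debating", "configure",
         "harbor", "lantern", "quartz", "meadow"]

# Capitalisation variants as named in the post: 4a, 4b, 4c, 4d.
CAP_MODES = ("first", "each", "one", "word")


def _flip(word, i):
    """Uppercase the single letter at index i."""
    return word[:i] + word[i].upper() + word[i + 1:]


def _capitalize(words, mode, rng):
    """Apply one capitalisation variant to a list of lowercase words."""
    words = list(words)
    if mode == "first":                      # 4a: first letter of each word
        return [w.capitalize() for w in words]
    if mode == "each":                       # 4b: one random letter in every word
        return [_flip(w, rng.randrange(len(w))) for w in words]
    if mode == "one":                        # 4c: one random letter in the whole phrase
        i = rng.randrange(len(words))
        words[i] = _flip(words[i], rng.randrange(len(words[i])))
        return words
    if mode == "word":                       # 4d: one whole word
        i = rng.randrange(len(words))
        words[i] = words[i].upper()
        return words
    raise ValueError(f"unknown capitalisation mode {mode!r}")


def generate(n_words=4, *, capitalize=False, cap_mode="first", number=False,
             salt=False, wordlist=WORDS, sep=".", rng=None):
    """Build a passphrase from the current options (capitalize, number) plus the
    proposed 'Add Salt' option and capitalisation variants."""
    if n_words < 3:
        raise ValueError("the generator requires at least 3 words")
    rng = rng or random.SystemRandom()       # CSPRNG unless a test injects one
    words = [rng.choice(wordlist) for _ in range(n_words)]
    if capitalize:
        words = _capitalize(words, cap_mode, rng)
    if number:
        # Assumption: one decimal digit appended to a randomly chosen word.
        i = rng.randrange(n_words)
        words[i] += str(rng.randrange(10))
    if salt:
        # 4-6 hex characters, letters all upper or all lower, inserted into a
        # random gap between two words (assumption: interior gaps only).
        length = rng.choice((4, 5, 6))
        hexval = "".join(rng.choice(string.hexdigits[:16]) for _ in range(length))
        hexval = hexval.upper() if rng.random() < 0.5 else hexval.lower()
        words.insert(rng.randrange(1, n_words), hexval)
    return sep.join(words)


def option_bits(words, wordlist_size, *, capitalize=False, cap_mode="first",
                number=False, salt=False):
    """Bits of entropy from the word draw and from each option. The capitalisation
    variants depend on the drawn words' lengths, so they are reported for this draw."""
    n = len(words)
    bits = {"words": n * math.log2(wordlist_size)}
    if capitalize:
        bits["capitalize"] = {
            "first": 0.0,                                   # deterministic, adds nothing
            "each": sum(math.log2(len(w)) for w in words),  # one position per word
            "one": math.log2(sum(len(w) for w in words)),   # one position overall
            "word": math.log2(n),                           # which word
        }[cap_mode]
    if number:
        bits["number"] = math.log2(10) + math.log2(n)       # digit value and its word
    if salt:
        # Length choice, 4 bits per hex char (expected 5 chars), the case bit
        # (a slight overestimate when the salt contains no letters) and the gap.
        bits["salt"] = math.log2(3) + 4 * 5 + 1 + math.log2(n - 1)
    bits["total"] = sum(bits.values())
    return bits


if __name__ == "__main__":
    sample = ["depose", "revenge", "debating", "configure"]  # words from the post's demo
    for opts in ({}, {"capitalize": True, "number": True},
                 {"capitalize": True, "cap_mode": "each", "number": True, "salt": True}):
        print(generate(4, **opts), option_bits(sample, len(WORDS), **opts))
```

The entropy figures treat every choice as uniform and independent, which is what a generator should guarantee; they also show why the post's intuition about option 2 holds only for guaranteed digits, not for extra entropy, since the salt alone contributes far more bits than a single appended digit.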