Would it be possible to add some more options to Bitwardens passphrase generator to get similar passphrases like on iOS devices just on the client? I mean that passphrases wouldn’t contain existing words but speakable phrases for better remembering.
It would make life a bit easier when I generated a password and need in some cases to input it by hand.
Hey @s3tupw1zard are you referring to coherent sentences? They are inherently less secure than randomized passphrases due to a lack of randomness.
What I see when I go into the iOS password generator is non-words that are easier to read than a totally random password. Almost as easy to read as a passphrase, but includes a capital letter and a number so that most sites with stupid password requirements will accept it: “dicveg-gEhr9-rakkeb”, for instance.
When I use a passphrase with Bitwarden, I sometimes have to add a number and capital letter due to site specific password requirements.
But then, aren’t passphrases containing words that actually exist less secure than random “words” that aren’t in any dictionary?
Or am I wrong?
I’m currently mulling over a local installation of XKPasswd - Secure Memorable Passwords
Basically, it’s a simple parameter-based generator that combines a couple of techniques that look very promising in terms of being 1) complex, 2) have good entropy/randomness, and most importantly, 3) reasonably memorizable, and 4) can be entered without massive amounts of frustrating hunting and pecking for capitals and special characters sprinkled at random points in an utterly non-rememberable passphrase, which defeats the purpose.
For example (default settings), “$$01-express-RECORD-tuesday-82$$” is claimed to have 52 bits of entropy with full knowledge of the settings and dictionary (and between 157 and 246 bits without).
And from a casual look, it seems pretty easily rememberable. Although personally, I’d bump the number of words to 5. More than that gets hard to remember before you get your muscle memory or are rusty and haven’t used it in a while.