A secure CLI password generator written in Rust.

Rust CLI Password Generator

Overview

This project is a secure CLI password generator written in Rust.
It generates passwords using one of three strategies (Random, Memorable words, or Pin Number) and reports the Shannon entropy and an intuitive strength score for each password.
Many other options can be passed to make the password harder to crack. See below for more info.

Build and Run Instructions

Build

  • First, make sure you have the Rust toolchain installed using rustup.
  • Build the binary by running cargo build --release.
  • Run the project by executing the output binary ./target/release/spg.
  • Optional: on a UNIX-based environment, you can copy ./target/release/spg into /usr/local/bin/ and then just run spg.

Usage Instructions

Usage: spg [OPTIONS]

Options:
  -l, --length <LENGTH>
          Password length to be generated [default: 8]
  -g, --gen-type <GEN_TYPE>
          Password generation mechanism to be used [default: random] [possible values: random, pin, memorable]
  -n, --use-numbers
          Whether to use numbers in password
  -s, --use-symbols
          Whether to use special symbols in password
  -c, --use-capitals
          Whether to use capitalized letters in password
  -k, --capitalize-memorable-words
          Whether to capitalize generated words by chance
  -t, --capitalize-memorable-first-letter
          Whether to capitalize the first letter of generated words by chance
  -w, --words-count <WORDS_COUNT>
          The number of words included in memorable password [default: 5]
      --insecure-mode
          Run in insecure mode. The output can be redirected or piped to files or non terminal environments
  -h, --help
          Print help
  -V, --version
          Print version

For example, running spg -n -s -c -l 19 produces output like the following:

Shannon entropy: 118.35
Strength: 100.00
z67r81kNk*v~&ud5gjT
Hit Enter to exit

Or, for a memorable password made of 4 words, run spg -g memorable -w 4:

Shannon entropy: 51.70
Strength: 66.67
unwired-hungrily-spirited-encrypt
Hit Enter to exit

Security Perspective

Data Protection

  • The secrecy crate is used to zeroize the memory. This crate guarantees that the memory will be freed.
  • Secret values cannot be logged by accident, because they are wrapped in the Secret type.
  • Running this program in a non-TTY environment is prohibited, to prevent unintentional logging and to keep malicious software from sniffing the generated password.
  • The output is dismissed and overwritten after a timeout or on any signal from the OS.

Password Generation

  • The random strategy samples from a uniform distribution to mitigate timing attacks.
  • The EFF diceware word list is embedded in the binary to preserve its integrity.
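
The following is an added example, not the project's own code: it draws characters uniformly using rejection sampling over OS random bytes (an assumed approach that needs only std) and computes the pool-based entropy figure shown in the sample outputs above. The 75-character alphabet is constructed, with its size inferred from the 118.35-bit sample output; 7776 is the size of the EFF large word list.

```rust
use std::fs::File;
use std::io::Read;

/// Entropy in bits of `picks` independent uniform draws from `pool` choices.
fn entropy_bits(pool: usize, picks: usize) -> f64 {
    picks as f64 * (pool as f64).log2()
}

/// Uniform index in 0..n (1 <= n <= 256) from a byte source. Bytes at or above
/// the largest multiple of n are rejected, so no index is favoured the way a
/// bare `byte % n` would favour the low ones.
fn uniform_index<R: Read>(rng: &mut R, n: usize) -> std::io::Result<usize> {
    assert!(n >= 1 && n <= 256);
    let limit = 256 - (256 % n); // accept only bytes below this bound
    let mut b = [0u8; 1];
    loop {
        rng.read_exact(&mut b)?;
        if (b[0] as usize) < limit {
            return Ok(b[0] as usize % n);
        }
    }
}

/// Build a password of `len` characters drawn uniformly from `alphabet`.
fn random_password<R: Read>(rng: &mut R, alphabet: &[u8], len: usize) -> std::io::Result<String> {
    let mut out = String::with_capacity(len);
    for _ in 0..len {
        out.push(alphabet[uniform_index(rng, alphabet.len())?] as char);
    }
    Ok(out)
}

fn main() -> std::io::Result<()> {
    // Constructed alphabet: 26 lower + 26 upper + 10 digits + 13 symbols = 75
    // (the symbol set is an assumption, not taken from the project).
    let alphabet = b"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*~-_+=";
    let mut rng = File::open("/dev/urandom")?; // OS CSPRNG on UNIX-like systems
    let pw = random_password(&mut rng, alphabet, 19)?;
    println!("{} ({:.2} bits)", pw, entropy_bits(alphabet.len(), pw.len()));
    println!("4 EFF words: {:.2} bits", entropy_bits(7776, 4));
    Ok(())
}
```
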

Development Perspective

Project Structure

This project has three parts: main, cli, and password_generator. The strategy pattern is used in password_generator to generate Random, Memorable, and Pin passwords. There is an assets directory which holds the EFF word list for diceware generation.

Testing

  • Run the test cases with cargo test.

Vulnerabilities and Mitigation

This code does not use mlock and/or mprotect to prevent the OS from dumping the data to disk in various scenarios.

Todo

  • Write more tests with more coverage.
  • Implement more tests in the future, including security tests.
  • Use Bolero along with a fuzzing engine to produce arbitrary configs for the password generators.
  • Implement mlock/mprotect to protect the memory.

License

MIT License.

Contribution

Feel free to enhance this project by forking it and creating PRs.
Leave a star if you find it useful.

Owner
pouyan shalbafan