Skip to content

omaric/easytypepass

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
 
 
 
 
 
 
 
 

Repository files navigation

easytypepass

Generate passwords that are easy to type

People who care about security use hard-to-crack passwords, generally generated by a password generator to have a random mix of uppercase letters, lowercase letters, numbers, and symbols. Those four requirements are often required for website passwords, along with a minimum length and other requirements. However, a password like 3gK*&>5%bZY)sH:D can be hard to type, especially on certain devices. For example, typing out passwords for video game consoles is a huge annoyance, as you generally have to hunt and peck with a cursor across a software keyboard. That cursor is controlled by your video game controller. This can be more difficult than a hardware or a capacitive touch (mobile) keyboard, which are both controlled directly with your fingers and you can input multiple letters in rapid succession.

It would be easier to type such passwords with a better keyboard. But since we can't use our phones to input passwords to our game consoles, nor do we want to pay for expensive game console keyboards, it's simpler to just generate a password that's easy to type. What would make the passwords easy to type? Putting all the types of characters next to each other. Uppercase letters go in one continuous section of characters, lowercase letters go in another section of characters, numbers are colocated, and all symbols also go next to each other. This way, you're not constantly switching the keyboard type for every character you input, only each section.

What about security? You can still keep good security by having a password be long, using a crypto-safe pseudorandom selection, not only for each character, but the order of the character type sections. If you like, you can add extra sections, picked randomly of course. A password of 3045krkfEYTB{+:_ is hard to crack. A bad actor doesn't know the order of the sections, nor do they know which characters are selected within each section.

Meanwhile, you only switch keyboard types (from default to number* to lowercase to uppercase to symbols) a maximum of four times. That's way fewer than the 13 keyboard switches needed to type 3gK*&>5%bZY)sH:D, a password of equal length. It's more secure than the easy-to-type password, but the easy-to-type password is already secure enough (takes years to crack).

If you want to see exactly how secure the algorithm would be, let's compare:

Assuming you have 27 symbols, there are 27+10+26+26=89 different characters to choose from with a regular password. A password of length 16 means there are 89^16=1.5e+31 or 15 nonillion possibilities. A high number for sure.

With an easy to type password of four sections (minimum) and a length of four characters per section (default), let's first calculate the permutations on the sections P(4,4)= 24. Then each section has 4 characters, allowing repeats. For digits that's 10^4 = 10,000. Each set of letters is 26^4=456,976. Symbols is 27^4=531,441. Multiplying those together gets you 2.6e+22 or 26 sexillion possibilities. The easy-to-type password is less than a regular 16-character password by 9 orders of magnitude, but it's still quite tough to brute force. And that's if your hacker already knows you're using this generator with the default settings.

Compare it with the much more popular 8-character password, which has roughly only 3.0e+15 or 3 quadrillion possibilities (number of symbols varies). The easy-to-type password is stronger by 7 orders of magnitude. And you can play with the number and length of the sections to make it even stronger. Keep in mind, you still have to switch keyboard types many times when typing in the traditional 8-character password, even if you have to switch fewer times than with a 16-character password.

* I suppose there isn't a numbers-only keyboard type on most onscreen keyboards. Still, I think numbers deserve their own section in this password generator.

About

Generate passwords that are easy to type

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published