# ETOOBUSY đźš€ minimal blogging for the impatient

# Pass4me

**TL;DR**

A command line tool to generate passwords: pass4me.

All our efforts of selecting words, expanding, compressing again etc. culminated in a JSON file containing groups of words.

Surely this file can be enhanced. There are words that we might not want to use, like swearwords. Still, itâ€™s a good starting place.

Program pass4me uses it to generate passwords. Itâ€™s fully configurable, but by defaultâ€¦

- generates 4 words, each with the following algorithm:
- select a random group, uniformly
- get one random word within that group, taking into account length constraints
- remove the group from the possible choices of other words in this run

- generates one digit
- shuffles the words and the digit, making sure that the first item is always a word
- separates each item with the
`.`

character.

Letâ€™s do some entropy calculation.

There are about $1200$ groups, so even considering the removal after the selection each group contributes at least 10 bits of entropy.

The groups are arranged so that each of them contains *at least* 4 words
with a length that is deemed good by default. This means an additional
minimum 2 bits, so each word is worth 12 bits or more.

With the four words default, we start from a base of 48 bits.

One single digit drawn randomly is slightly more than 3 bit.

The digit might be put in one of four places, so the position adds 2 more bits.

Overall, we end up with minimum 53 bits of entropy, increasing at least 12 more bits for each additional word.

Iâ€™m planning on adding some more groups to reach $1296 = 6^4$ total groups. This would allow using a similar approach to Diceware.

I hope you will enjoy, stay safe!

*Comments? Octodon, Twitter, GitHub, Reddit, or drop me a line!*