Correct Horse Battery Staple
April 23, 2013
In his 936th xkcd comic strip, Randall Munroe described what is wrong with common passwords and suggested a method of passphrase generation that is simpler to use and provides greater security. Unfortunately, I know of no popular websites that permit xkcd-style passphrases. I do still recall, however, the xkcd-style passphrase that CompuServe assigned me about twenty-five years ago (does anyone else remember upgrading from a 1200 baud modem to 9600 baud?).
Your task is to write an xkcd-style passphrase generator. When you are finished, you are welcome to read or run a suggested solution, or to post your own solution or discuss the exercise in the comments below.
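Because the generated phrase is a credential, the words should be drawn from a cryptographically secure random source rather than a general-purpose rand(). The following Python sketch is an added example, not the suggested solution or any commenter's code; the word list is a small constructed sample, and the function names and the decorate option are assumptions made for illustration.

```python
import math
import secrets

# Constructed sample word list (16 words) so the example runs offline;
# a real generator would load a few thousand words from a dictionary file.
SAMPLE_WORDS = [
    "correct", "horse", "battery", "staple", "modem", "window", "garden", "puzzle",
    "rocket", "silver", "candle", "forest", "harbor", "pencil", "velvet", "walnut",
]

def usable_words(words, min_len=4):
    """Lower-case, de-duplicate and drop short or non-alphabetic entries."""
    seen = {w.strip().lower() for w in words}
    return sorted(w for w in seen if len(w) >= min_len and w.isalpha())

def entropy_bits(pool_size, count, unique=False):
    """Bits of entropy for `count` words drawn uniformly from `pool_size` words."""
    if unique:  # ordered draw without replacement: N * (N-1) * ... choices
        return sum(math.log2(pool_size - i) for i in range(count))
    return count * math.log2(pool_size)

def passphrase(words, count=4, unique=False, decorate=False):
    """Draw `count` words using the OS CSPRNG via the secrets module."""
    pool = usable_words(words)
    if len(pool) < count:
        raise ValueError("word list too small")
    chosen = []
    for _ in range(count):
        word = secrets.choice(pool)
        if unique:
            pool.remove(word)  # never use a given word twice
        chosen.append(word)
    phrase = " ".join(chosen)
    if decorate:  # capital first letter and trailing period for complexity rules
        phrase = phrase[0].upper() + phrase[1:] + "."
    return phrase

if __name__ == "__main__":
    pool_size = len(usable_words(SAMPLE_WORDS))
    print(passphrase(SAMPLE_WORDS), "-", entropy_bits(pool_size, 4), "bits")
```

The strength comes from the size of the word pool and the number of words, not from secrecy of the list: four words from a 2048-word list give 44 bits, while the 16-word sample here gives only 16.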
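perl -e '
my @pass = ();
my @arr = ();
# Read the word list named on the command line, one word per line
while (<>) {
    chomp;
    # Pick words of 6+ chars
    push @arr, $_ if /.{5}.+/;
}
for (my $i = 0 ; $i < 5 ; $i++) {
    # Passphrase is 5 random words
    # rand @arr covers every index; rand $#arr could never pick the last word
    push @pass, $arr[rand @arr];
}
print ((join " ", @pass) . "\n");
' dictionary.txt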
That while in there should have open and close angle brackets inside the parens, but the website seems to have stripped them off.
Heh… as it happens, I wrote one in response to the xkcd strip. Note that this is guaranteed to only use a given word once.
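# read_words() is not shown here; it returns a hash whose keys are the candidate words
my %words = read_words();
my @chosen = ();
# $num_words is defined elsewhere in the full script
for my $i (1 .. $num_words) {
    my @keys = keys %words;
    my $word = $keys[ rand(@keys) ];
    push @chosen, $word;
    # Remove the word so it cannot be picked again
    delete $words{$word};
}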
To ease compatibility with websites that have complexity requirements, you can upper-case the first letter and add a period on the end.
I have successfully used this strategy with Google, Facebook, Reddit, Twitter, LinkedIn…
My Haskell solution (see http://bonsaicode.wordpress.com/2013/04/23/programming-praxis-correct-horse-battery-staple/ for a version with comments):
Upgrading from 1200 baud to 9600 baud? I remember flamewars about the difference between baud and bps (I don’t even remember the maximum capacity of a telephone line – was it 2400baud? Each baud can carry many bits) – and I remember reading them at 300bps. Just about fast enough to read (if there were not too many ANSI-codes to change color)…
We even soldered a 2400bps modem in school. Try doing that with today's 953BGPA chip…
And now I’m in a country where 128kbps is the top of the line for 100$/month. I’m feeling young again.
Python version.
When testing this routine it generated this pass-phrase: fuzzy pompous fiancee sally
I remember using a 300 baud acoustically coupled modem.
Scala –
Reblogged this on David James Coding Blog and commented:
Excited to attempt this challenge, maybe even generate my new password out of it!
Guile:
Using iota and map to make the list of four random numbers seemed silly, so I did it. ^_^