docs update

brent s. 2022-03-04 01:27:15 -05:00
parent 8562241d52
commit b5de96c6d0
Signed by: bts
GPG Key ID: 8C004C2F93481F6B
1 changed files with 11 additions and 0 deletions

View File

@ -4,6 +4,14 @@ A password generator written in Golang that offers highly-customizable generated

## What it Does Do

PWGen generates cryptographically-sound (i.e. non-predictable) passwords:

* The character set (or "charset"; the full list of possible characters to use in a password) is predefined at invocation, but the selection of a character in that list is determined by a cryptographically-driven random function (`crypto/rand` rather than simply `math/rand`).
* The order of characters in this generated password itself is then shuffled using `crypto/rand` as well.
* This is done for every single password generated.

You can build (`cd cmd/pwgen && go build`) and then run `./pwgen -h` for all invocation options available.

## What it Doesn't Do
PWGen does not, and will not, generate "Correct Horse Battery Stapler" passphrases (as demonstrated in [XKCD #936](

@ -30,6 +38,9 @@ If you need to generate a very large number of passwords, however, there are som
* Ensure that you stick to pre-defined charsets
* This means no explicit chars defined and no excluded (disabled) chars defined; the number of those chars can affect generation time
* Use a fixed length (e.g. `-l 16 -L 16`)
* Do not use minimum charset requirements

Sticking to these tips changes the generation time for me on my hardware from around 1 minute to about 1 second for 1 million passwords generated on my hardware. YMMV, of course, but you will absolutely see an exponential difference in speed by sticking to the above constraints.

## Other Tips