I'd love to see an option for diceware passphrases in the password generator. A password like crazy-horse-battery is pretty secure and far easier to remember/type then kis-efum-aya-hava-ivid. Now I know you'll say we don't need to remember passwords since Enpass can type them for you, but there are situations when I can't use Enpass to type the password, such as the Enpass Vault, servers, computer logins etc.

Hey @Pedro, first tell me, do u have some telepathy power or what?  You read our minds dude!   The Diceware in password generator has already been implemented for almost all the platforms, and soon you'll see this feature in our beta version, which we are rolling out next week. But Pedro, you still don't need to remember any password, Enpass will always do that for you.

Hehe, awesome! Happy to hear that. And obviously I'll save those passwords in Enpass, but sure helps to have them generated there too

Edited May 13, 20169 yr by Pedro

Hello!

I did not know about the Diceware algorithm until it came out of beta. That being said, there are a great many institutions that require users to frequently change their Windows login password using a system that requires mixed case letters and digits but no punctuation. The old Enpass pronounceable password generator worked well for them. The new one simply fails miserably. With that in mind, here is a proposed enhancement (please consult the Password Generator options on any platform, making sure that "Pronounceable" is checked and the recipe is shown):

 

1. Allow "Digit" in the "Separator" box again.

2. When "Separator" equals "Digit," the "Digits" checkbox should be renamed "Extra Digits," or something to make it clear that it controls the appearance of groups of two or three digits when the separator is a digit. Or it can be disabled.

 

Thank you!

 

Stuart Simon

Thanks for the suggestion @Stuart Simon , noted and added to roadmap.

Hi @Anshu kumar @Gajender Singh

Diceware has 10 word limit; is there reason for it? I would the limit to be higher for more security critical accounts.

Thx

cc @Hemant Kumar

Hi @Jaspreet Singh,

Ten words are good enough for any kind of security. As per diceware faq :

Quote

• Five words are breakable with a thousand or so PCs equipped with high-end graphics processors. (Criminal gangs with botnets of infected PCs can marshal such resources.)

• Six words may be breakable by an organization with a very large budget, such as a large country's security agency.

• Seven words and longer are unbreakable with any known technology, but may be within the range of large organizations by around 2030.

• Eight words should be completely secure through 2050.