Lesspass: Generate pass phrases

Created on 10 Sep 2017  ·  23 Comments  ·  Source: lesspass/lesspass

Something like word1-word2-word3-word4.
Makes it easier to remember for a sudo password, which you type often.

idea

All 23 comments

Please explain...

The purpose of LessPass is to not remember generated passwords, except your one and only master-password.

Hello @kabouzeid,
What do you have in mind? Add another option to generate a pass phrase?

@SoftwUser Certain passwords like a Windows login password or sudo password are passwords you want to memorize because:

  • you write those passwords a lot
  • you don't have access to LessPass (on the login form of your computer, for example)

Ah, maybe patterns like in Masterpassword:

@guillaumevincent
If you consider implementing something like this as options please keep the current scheme with its defaults as default.

If you consider implementing something like this as options please keep the current scheme with its defaults as default.

yes for sure

Hello, sorry for no further explanation. Adding another option to generate pass phrases was what I had in mind. One could use lesspass to generate a pass phrase which one can memorize. The advantage is, that one can restore the password via lesspass if forgotten.

I thought about doing it like this:
For example, EFF's wordlist has 7776 (has 4 digits) words in it. If we want to create a pass phrase with five words, we would generate a 4*5 digit password and normalize it by computing mod 7776 for each of those five four-digit groups. Then we take the 5 matching words.

I'm not familiar with the implementation of lesspass, so there is probably a better way to do it.

Interesting, but wouldn't it be less secure compared to the "standard" LessPass-passwords, given that attacks against "words" would be successful much quicker than against random characters?
I am no expert, just asking...

Relevant xkcd: https://xkcd.com/936/
Obviously a random char sequence of the same length as a pass phrase is much harder to guess. But as shown in the xkcd, it would take ~550 years to guess a four-word pass phrase at 1000 guesses/sec. My PC needs about 0.5 secs for a single guess with LessPass. That would be ~275000 years to guess a four-word pass phrase.

My pc needs about 0.5 secs for a single guess with lesspass.

Be aware that a hacker will use a C program and run it on GPU hardware. So basically it will create a lot more than 1 password in 0.5s.

I have use cases similar to yours, @kabouzeid.
I am using other hardware (e.g. smartphone, tablet or another PC) to compute the required password and simply read it and type it then.
It is a bit more complicated, for sure, but it is on the same level of security as any other password that I use for other purposes.

For anyone interested:
Strong Passwords Need Entropy (S.P.N.E) - NEW - Version 13.0 from 28th of May 2017
( http://protosoftware.blog4ever.com/strong-passwords-need-entropy-spne-12-may-2013 )
calculates as follows for a (random) LessPass password (default settings) ci5@IvE[!]ie}t48:

I wrote a password generator a couple years ago starting with the basic XKCD 936 premise:
https://github.com/smontanaro/polly
It's configurable for extra entropy and numbers of words, and has a perhaps unusual dictionary generation scheme (suitably tagged emails from the user's email collection). As I only wrote it for my own use, I don't recommend it for other people to use, but it's there if you want to take a peek. It's not had many eyeballs, and as far as I know, nobody else uses it. _Caveat emptor_.

@smontanaro Thank you! As far as I can see this is not what I'm looking for, though. I'm looking for something that generates a pass phrase from a LessPass password in a deterministic way. Obviously only deterministic on the same word list. I could write it on my own in a simple script; I was hoping that the functionality would be included directly into LessPass, though.

The thought here is that I can use a pass phrase for things I need to type often, like my sudo password. But in case I forget it, I want to be able to restore it via LessPass.

Understand...
... again, no expert, just asking:

So there would be a sort of dictionary covering about 8000 words (per language) as a source for those pass phrases.
Could those words be taken by accessing some server, or do they have to be part of every LessPass distribution, thus blowing up the code and installations?
And in case they have to be part of every installation, would we be able to not install/include this feature?

@kabouzeid Understood. I wasn't trying to suggest that it could be used directly. At minimum, I think you'd have to translate the relevant bits into LessPass-speak (JavaScript?).

@SoftwUser Correct, you'd have to cook up a dictionary of suitable size. I don't think it has to be huge. In XKCD 936 explained (https://www.explainxkcd.com/wiki/index.php/936:_Password_Strength) the 44 bits come from 2048 words sampled four times. (I get 45, but I'm probably making a dumb mistake.) You can raise the entropy level without substantially reducing the memorability of the pass phrase by sprinkling random punctuation/digits between the words and random capitalization of the words. Just considering five-letter words from /usr/share/dict/words on the system at my fingertips, I get 15034 words, 90 kbytes uncompressed, 39k gzipped. Choosing a sample of 4096 of those words gets me down to 24 kbytes plain, 10 kbytes gzipped. I think it's totally doable to include such a dictionary in the LessPass code (assuming it can be decrypted on the fly; I'm not a web programmer, and don't know what's available). This, of course, is only for English, but I see no conceptual problem choosing a particular language at setup.

We will probably need a fixed list of words (EFF? https://www.eff.org/deeplinks/2016/07/new-wordlists-random-passphrases) and we will use the entropy generated to consume this list of words.

If someone wants to try an implementation on https://github.com/lesspass/core/,
feel free to create a POC.

For passphrase generation, see Diceware.
(Basically, the method is to have a list of words (around 7000) and use physical dice (which probably can't have an RNG default) to select each word of your passphrase.) I use this with most of my master and other passwords, and remembering the generated phrase does not take much time.

I think the underlying generation method of LessPass can be readily used to generate word phrases. After generating the entropy you need to consume it with words instead of single characters.

  • For this, as others already stated, you need a word list: it should be large to reduce predictability and the number of generated words.
  • Variation in capitalization: you can choose to capitalize or not each single letter of the word, but that would be hard to remember. So only 4 variations can be used: word, wORD, Word, WORD.
  • Separator character: 1 or more characters from the symbols set.

For example, a word from a list of 8192 (=2^13), one of 4 (=2^2) capitalization variations and one of 32 (=2^5) symbols for the separator consume 20 bits or 2.25 bytes of the key generated by PBKDF. A 3 (4 resp.) word pass phrase will consume 7 (9 resp.) bytes (which could have been used to create a LessPass password of around 9 (11 resp.) characters).

Edit: since the pass phrase generated must be the same everywhere for the same parameters, the word list (or lists) has to be fixed.

I close this one.
This is a feature that I will probably never implement because of low priority and not a lot of time.

Interesting discussion, btw.

Duplicated by: #523

Dice dictionaries

Have some drawbacks:

  • files have a certain weight to them; Dutch and Māori are ~90k
  • looks like they are translations from the English (no idiomatic words?)
  • mostly restricted to Latin characters (no diacritics/accented characters, e.g. øéàō, making it harder to recognize/read some words)
  • some special-character entries

Fun Facts

The French example highlights the diversity of the language :D

ileus humide diktat sbire peotte

  • ileus, medical word derived from Latin;
  • diktat, word from German;
  • sbire, from Italian;
  • peotte, from Venetian, not so common.

@edouard-lopez I close this one again, please don't reopen.

This feature will introduce some complexity in the UI, and I will probably never implement it because of low priority and not a lot of time.

I will reopen if I find some time one day and most priority issues are resolved.

Thanks

I haven't looked over the project source code, but assume that master password is used as a seed for "random" generation of passwords, and that for a character by character password, it's just applying Math.random() or similar against a given range of values.

If that assumption is correct, substituting a character for a word from EFF-long list shouldn't be too difficult to support. There's some clear benefit identified early on in this issue for this style of password.

The justification against it, beyond the time of implementing it, is that English words may be bad UX for non-English speakers... arguably English is no more difficult to input for most users, and the existing ASCII generation is no different from that.

UI complexity is only if you were to add additional customization as one comment suggested for some reason. That's unnecessary; all lowercase words with a space delimiter (or an alternative like _) should be sufficient. 5 words allows for 64 bits of entropy, which is plenty with the 100k PBKDF2 iterations LessPass performs.

The only drawback is that the RNG isn't really meeting best practice for word selection, but that'd be an issue with the RNG and LessPass in general, especially with the deterministic generation, but that's what users are choosing LessPass for. AFAIK that's mostly remedied by the user generating a master password with a better source of randomness.

Low priority for the maintainer is perfectly valid :)
