New extension: memorable passphrase generator (pass-genphrase)

Cong Ma at
Tue May 2 13:28:58 CEST 2017

Dear users and developers,

I created a new extension for memorable passphrase generation,
"pass-genphrase," available from Github:

A search in the mail archives reveals that the idea was brought up
earlier as patches to "pass" itself.  Here, instead, the command is
provided by an optional extension.

The extension works by securely and randomly shuffling a dictionary
file.  The EFF's long Diceware word list [1] is redistributed with the
code and is used by default, but the user can specify an alternative
dictionary.  I chose the EFF list because of its author's careful
research into the balance between usability and security [2].


Command line options closely resemble those of "pass generate."  More
information can be found with the documentation or "pass genphrase

Although there are a wie selection of passphrase programs, and they may
conceivably work with "pass insert" by simple piping, this extension
follows more closely the typical usage case of "pass generate."  In
addition, when "pass" needs the standard input for user interaction
(e.g. confirming overwrite), it would be cumbersome to use pipes.

The core of the program, the code performing the shuffle, is written in
portable Python that can run with both Python 2.7 and 3.x.  It uses
Python's interface to the system's CSPRNG.  I understand that "pass" is
a shell project, but I feel more competent with Python.  I hope this
will not degrade portability, and in the future, the implementation may
switch to all-shell.

Your comments, bug reports, patches are very much welcome.  I hope that
the program may prove helpful with your daily usage.

Best wishes and happy hacking,
Cong Ma

Key fingerprint = 0620 5656 EF5C 93C7 D277  C7F1 9D45 A4C5 7226 3E66

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the Password-Store mailing list