Class PasswordGenerator

java.lang.Object

de.gustavblass.commons.crypto.PasswordGenerator

public class PasswordGenerator
extends Object

A class that generates secure passwords and passphrases. It uses the EFF word list to generate password, which are easy to remember and type, but not as secure as random passwords. The strength of a password can be estimated with the estimatePasswordStrength(char[]) method, which uses the Zxcvbn library.

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static enum	PasswordGenerator.PasswordStrength	Indicates how hard it is to guess a specific password.

Field Summary

Fields

Modifier and Type	Field	Description
private static final @NonNull List<String>	EFF_WORD_LIST	The EFF word list, a list of 7776 words that can be used to generate passphrases.
private static final org.apache.logging.log4j.Logger	LOG

Constructor Summary

Constructors

Constructor	Description
PasswordGenerator()	Loads the EFF word list from the resources.

Method Summary

Modifier and Type	Method	Description
static @NonNull PasswordGenerator.PasswordStrength	estimatePasswordStrength(char[] password)	Uses the Zxcvbn library to check how hard the given passsword is to guess.
char[]	generatePassphrase()	Generates a securely random passphrase consisting of 6 words from the EFF word list.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

LOG

private static final org.apache.logging.log4j.Logger LOG

EFF_WORD_LIST

@NonNull
private static final @NonNull List<String> EFF_WORD_LIST

The EFF word list, a list of 7776 words that can be used to generate passphrases. See EFF word list.

Constructor Details

PasswordGenerator

public PasswordGenerator()
                  throws de.gustavblass.commons.exceptions.IllegalStateException

Loads the EFF word list from the resources. The EFF word list is a list of 7776 words that can be used to generate passphrases. Without it, the generatePassphrase() method will not work.

Throws:

de.gustavblass.commons.exceptions.IllegalStateException - If the EFF word list could not be loaded.

Method Details

generatePassphrase

public char[] generatePassphrase()
                          throws de.gustavblass.commons.exceptions.IllegalStateException

Generates a securely random passphrase consisting of 6 words from the EFF word list. The strength of the passphrase is not too high if the attacker knows that it only consists of natural language words. However, it is easy to remember and type, which is why it is suitable for some use cases, e.g. when the user does not have a password manager available.

Returns:

A passphrase consisting of 6 words from the EFF word list.

Throws:

de.gustavblass.commons.exceptions.IllegalStateException - Should not happen. If it does, it means that the EFF word list could not be loaded.

estimatePasswordStrength

@NonNull
public static @NonNull PasswordGenerator.PasswordStrength estimatePasswordStrength(char[] password)

Uses the Zxcvbn library to check how hard the given passsword is to guess.

Parameters:

password - The password to estimate the strength of.

Returns:

The estimated strength of the password, according to Zxcvbn.