index.php

<!doctype html>
<html lang=en>
<head>

<!-- Global site tag (gtag.js) - Google Analytics -->
<script async src="https://www.googletagmanager.com/gtag/js?id=UA-74829107-1"></script>
<script>
  window.dataLayer = window.dataLayer || [];
  function gtag(){dataLayer.push(arguments);}
  gtag('js', new Date());

  gtag('config', 'UA-74829107-1');
</script>

<!-- Meta Info for Social Media -->
<meta property="og:title" content="Bytes Unlimited | Use a Passphrase" />
<meta property="og:type" content="website" />
<meta property="og:url" content="https://bytesunlimited.com/UseAPassphrase/" />
<meta property="og:image" content="https://bytesunlimited.com/wp-content/uploads/2018/07/byteslogo.png" />
<meta property="og:site_name" content="Bytes Unlimited" />
<meta property="fb:app_id" content="1007999749273675" />
<meta property="og:description" content="Here at Bytes Unlimited, we offer a wide array of IT Services for small businesses and home users in person or remotely. Try out this free tool!" />
<meta property="og:image:secure_url" content="https://bytesunlimited.com/wp-content/uploads/2018/07/byteslogo.png" />
<meta name="twitter:card" content="summary" />
<meta name="twitter:title" content="Bytes Unlimited | Use a Passphrase" />
<meta name="twitter:description" content="Here at Bytes Unlimited, we offer a wide array of IT Services for small businesses and home users in person or remotely. Try out this free tool!" />
<meta name="twitter:image" content="https://bytesunlimited.com/wp-content/uploads/2018/07/byteslogo.png" />
<script type="application/ld+json">{ "@context" : "https://schema.org",
"@type" : "Organization",
"name" : "Bytes Unlimited",
"url" : "https://bytesunlimited.com",
"sameAs" : ["https://www.facebook.com/BytesUnlimited"]
}
</script>

<meta charset="utf-8" >
<link rel="stylesheet" href="css/styles.css?__inline=true" />
<link rel="stylesheet" href="css/fonts.css?__inline=true" />

<link rel="canonical" href="https://bytesunlimited.com/" />

<link rel="icon" href="https://i0.wp.com/bytesunlimited.com/wp-content/uploads/2018/07/cropped-byteslogo-1.png?fit=32%2C32&#038;ssl=1" sizes="32x32" /><link rel="icon" href="https://i0.wp.com/bytesunlimited.com/wp-content/uploads/2018/07/cropped-byteslogo-1.png?fit=192%2C192&#038;ssl=1" sizes="192x192" /><link rel="apple-touch-icon-precomposed" href="https://i0.wp.com/bytesunlimited.com/wp-content/uploads/2018/07/cropped-byteslogo-1.png?fit=180%2C180&#038;ssl=1" /><meta name="msapplication-TileImage" content="https://i0.wp.com/bytesunlimited.com/wp-content/uploads/2018/07/cropped-byteslogo-1.png?fit=270%2C270&#038;ssl=1" />

<style>
.container-header {
  width: 100%;
  background-color:#f4f4f4;
  text-align: center;
  margin-top: 0px;
}
.logo {
  width: 100%;
}
.content {
  padding: 16px;
}
.sticky {
  position: fixed;
  top: 0;
  width: 100%;
}
.sticky + .content {
  padding-top: 102px;
}
</style>

<title>Bytes Unlimited | Use a Passphrase</title>
</head>

<body>

<header class="container-header" id="myHeader">
  <div class="container">
      <h1 class="logo">
          <a href="https://BytesUnlimited.com"><img src="https://bytesunlimited.com/wp-content/uploads/2019/07/bytes-unlimited-logo.png" width="100" height="82" alt="Bytes Unlimited Logo"></a> Bytes Unlimited
      </h1>
  </div>
</header>

<div class="container">
  <div class="header">
    <h2 class="title">Use A <span>Passphrase</span></h2>
  </div>
  <p class="passphrase-label">Generate a passphrase or test your password's
  strength (we don't store or transmit these):</p>
  <input id="passphrase" type="text" value="Loading..." onmouseover="this.select()"/>
  <p class="crack-time-label">Approximate Crack Time: <span class="crack-time">0 seconds</span></p>
  <div class="passphrase-options">
    <select id="passphrase_select">
      <option value="5">Five-word passphrase</option>
      <option value="6" selected>Six-word passphrase</option>
      <option value="7">Seven-word passphrase</option>
      <option value="8">Eight-word passphrase</option>
      <option value="9">Nine-word passphrase</option>
      <option value="10">Ten-word passphrase</option>
      <option value="11">Eleven-word passphrase</option>
      <option value="12">Twelve-word passphrase</option>
    </select>
    <p>Spaces?
      <input type="radio" id="spaces" name="spaces" value="1" checked />Yes
      <input type="radio" name="spaces" value="0" />No
    </p>
    </select>
    <button class="btn-generate" onmouseover="" style="cursor: pointer;">Generate New Passphrase</button>
  </div>
  <div class="social-buttons">
    <a href="https://www.facebook.com/sharer/sharer.php?u=https://bytesunlimited.com/useapassphrase/" target="_blank" class="sc-btn sc--facebook"> <span class="sc-icon"> <svg viewBox="0 0 33 33" width="25" height="25" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><g><path d="M 17.996,32L 12,32 L 12,16 l-4,0 l0-5.514 l 4-0.002l-0.006-3.248C 11.993,2.737, 13.213,0, 18.512,0l 4.412,0 l0,5.515 l-2.757,0 c-2.063,0-2.163,0.77-2.163,2.209l-0.008,2.76l 4.959,0 l-0.585,5.514L 18,16L 17.996,32z"></path></g></svg> </span> <span class="sc-text">Share It</span> </a>
    <a href="http://twitter.com/share?url=https://bytesunlimited.com/useapassphrase/&text=Use a passphrase! A helpful tool for generating strong passwords.&via=mikehearn&" target="_blank" class="sc-btn sc--twitter"> <span class="sc-icon"> <svg viewBox="0 0 33 33" width="25" height="25" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><g><path d="M 32,6.076c-1.177,0.522-2.443,0.875-3.771,1.034c 1.355-0.813, 2.396-2.099, 2.887-3.632 c-1.269,0.752-2.674,1.299-4.169,1.593c-1.198-1.276-2.904-2.073-4.792-2.073c-3.626,0-6.565,2.939-6.565,6.565 c0,0.515, 0.058,1.016, 0.17,1.496c-5.456-0.274-10.294-2.888-13.532-6.86c-0.565,0.97-0.889,2.097-0.889,3.301 c0,2.278, 1.159,4.287, 2.921,5.465c-1.076-0.034-2.088-0.329-2.974-0.821c-0.001,0.027-0.001,0.055-0.001,0.083 c0,3.181, 2.263,5.834, 5.266,6.438c-0.551,0.15-1.131,0.23-1.73,0.23c-0.423,0-0.834-0.041-1.235-0.118 c 0.836,2.608, 3.26,4.506, 6.133,4.559c-2.247,1.761-5.078,2.81-8.154,2.81c-0.53,0-1.052-0.031-1.566-0.092 c 2.905,1.863, 6.356,2.95, 10.064,2.95c 12.076,0, 18.679-10.004, 18.679-18.68c0-0.285-0.006-0.568-0.019-0.849 C 30.007,8.548, 31.12,7.392, 32,6.076z"></path></g></svg> </span> <span class="sc-text">Tweet It</span> </a>
    <a href="http://github.com/mike-hearn/useapassphrase" target="_blank" class="sc-btn sc--github"> <span class="sc-icon"> <svg viewBox="0 0 33 33" width="25" height="25" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><g><path d="M 16,0C 7.163,0,0,7.163,0,16s 7.163,16, 16,16s 16-7.163, 16-16S 24.837,0, 16,0z M 25.502,25.502 c-1.235,1.235-2.672,2.204-4.272,2.881c-0.406,0.172-0.819,0.323-1.238,0.453L 19.992,26.438 c0-1.26-0.432-2.188-1.297-2.781 c 0.542-0.052, 1.039-0.125, 1.492-0.219s 0.932-0.229, 1.438-0.406s 0.958-0.388, 1.359-0.633s 0.786-0.563, 1.156-0.953s 0.68-0.833, 0.93-1.328 s 0.448-1.089, 0.594-1.781s 0.219-1.456, 0.219-2.289c0-1.615-0.526-2.99-1.578-4.125c 0.479-1.25, 0.427-2.609-0.156-4.078l-0.391-0.047 c-0.271-0.031-0.758,0.083-1.461,0.344s-1.492,0.688-2.367,1.281c-1.24-0.344-2.526-0.516-3.859-0.516c-1.344,0-2.625,0.172-3.844,0.516 c-0.552-0.375-1.075-0.685-1.57-0.93c-0.495-0.245-0.891-0.411-1.188-0.5s-0.573-0.143-0.828-0.164s-0.419-0.026-0.492-0.016 s-0.125,0.021-0.156,0.031c-0.583,1.479-0.635,2.839-0.156,4.078c-1.052,1.135-1.578,2.51-1.578,4.125c0,0.833, 0.073,1.596, 0.219,2.289 s 0.344,1.286, 0.594,1.781s 0.56,0.938, 0.93,1.328s 0.755,0.708, 1.156,0.953s 0.854,0.456, 1.359,0.633s 0.984,0.313, 1.438,0.406 s 0.951,0.167, 1.492,0.219c-0.854,0.583-1.281,1.51-1.281,2.781l0,2.445 c-0.472-0.14-0.937-0.306-1.394-0.5 c-1.6-0.677-3.037-1.646-4.272-2.881c-1.235-1.235-2.204-2.672-2.881-4.272C 2.917,19.575, 2.563,17.815, 2.563,16 s 0.355-3.575, 1.055-5.23c 0.677-1.6, 1.646-3.037, 2.881-4.272s 2.672-2.204, 4.272-2.881 C 12.425,2.917, 14.185,2.563, 16,2.563s 3.575,0.355, 5.23,1.055c 1.6,0.677, 3.037,1.646, 4.272,2.881 c 1.235,1.235, 2.204,2.672, 2.881,4.272C 29.083,12.425, 29.438,14.185, 29.438,16s-0.355,3.575-1.055,5.23 C 27.706,22.829, 26.737,24.267, 25.502,25.502z"></path></g></svg> </span> <span class="sc-text">Fork It</span> </a>
  </div>
  <h2 id="why-should-i-use-a-random-passphrase-">Why should I use a random passphrase?</h2>
  <p>Because humans are terrible at creating secure passwords. The <a href="http://xkcd.com/936/">famous xkcd comic</a> got it right: humans have been trained to use <b>hard-to-remember</b> passwords that are <b>easy</b> for computers to guess.</p>
  <p>Try as we might, humans usually end up using one of a few predictable patterns when creating passwords. We base them on things we can remember, such as names, locations, dates or just common English words. Then, we add some spice with a capital letter, some numbers, or a symbol.</p>
  <p>Does your password fall into this group?</p>
  <table>
  <thead>
  <tr>
  <th>Bad Password Patterns</th>
  <th>Is It Memorable?</th>
  <th>Time To Crack</th>
  </tr>
  </thead>
  <tbody>
  <tr>
  <td>A common word (example: <code>december</code>)</td>
  <td>Yes.</td>
  <td>18 milliseconds <small>(Seriously. Try it in the box at the top.)</small></td>
  </tr>
  <tr>
  <td>An easily-typed spatial word (example: <code>qwerty</code> or <code>aaaaaaaa</code>)</td>
  <td>Very much so.</td>
  <td>10 milliseconds</td>
  </tr>
  <tr>
  <td>The family dog (example: <code>rusty</code>)</td>
  <td>Yep.</td>
  <td>27 milliseconds</td>
  </tr>
  <tr>
  <td>An important number, such as a date or zip code (example: <code>03261981</code>)</td>
  <td>It&#39;s memorable to you, certainly.</td>
  <td>2.213 seconds</td>
  </tr>
  <tr>
  <td>A word with trivial letter→number substitutions (example: <code>S4nfr4n</code>)</td>
  <td>Sort of memorable, but you may forget which letters are substituted for numbers.</td>
  <td>639 milliseconds</td>
  </tr>
  </tbody>
  </table>
  <p>If your password resembles any of these examples, it is <em>instantly crackable.</em> Even a mix of these patterns, such as <code>[common word]+[number]</code> will be straightforward to crack.</p>
  <p>Compare those to a passphrase:</p>
  <table>
  <thead>
  <tr>
  <th>Password Pattern</th>
  <th>Is It Memorable?</th>
  <th>Time To Crack</th>
  </tr>
  </thead>
  <tbody>
  <tr>
  <td>Four or more randomly chosen words (example: <code>mergers decade labeled manager</code>)</td>
  <td>Type it a few times, and you&#39;ll have it committed to memory.</td>
  <td><strong>6,000,126 centuries.</strong> Give or take.</td>
  </tr>
  </tbody>
  </table>
  <h2 id="is-it-really-that-easy-to-crack-a-password-how-is-it-done-exactly-">Is it really that easy to crack a password? How is it done, exactly?</h2>
  <p>The method for cracking usually looks something like this:</p>
  <ol>
  <li>First, the hackers start with a bunch of wordlists. The <a href="https://xato.net/passwords/more-top-worst-passwords/">top 10,000 passwords</a> is a good place to start. Also, lists of all English words, all names, dates, and so on. In less than one second, <a href="https://xato.net/passwords/more-top-worst-passwords/">30% of all passwords will be cracked</a>.</li>
  <li>After exhausting those wordlists, they will try all of the words again with common substitutions: capitalizing the first letter (<code>december</code> → <code>December</code>), making common letter-for-number swaps (<code>december</code> → <code>d3cemb3r</code>), and other common password variations.</li>
  <li>Next, they start combining the previous wordlists. Name + date (<code>doug3251983</code>). Name + [separator] + date (<code>doug.3251983</code>).</li>
  <li>If all else fails: brute force, a.k.a. try every combination of characters. Try <code>a</code>, then <code>b</code>, then <code>c</code> ... eventually <code>aa</code>, <code>ab</code>, <code>ac</code> ... eventually <code>6j2b#hi8</code>, <code>6j2b#hi9</code>, <code>6j2b#hi0</code>, et cetera.</li>
  </ol>
  <p>If your password is based on any kind of pattern, using some combination of the above steps, it will eventually be cracked. Depending on how well-protected a website keeps your password, modern computers can make somewhere between 10,000 and <a href="http://arstechnica.com/security/2012/12/25-gpu-cluster-cracks-every-standard-windows-password-in-6-hours/">350 billion guesses</a> per second.</p>
  <p>Your best defense is using a truly random password generator (like this site).</p>
  <h2 id="i-get-it-simple-passwords-are-cracked-easily-but-why-should-i-use-a-random-pass-phrase-instead-of-say-ipz2-az8k-0h-">I get it, simple passwords are cracked easily. But why should I use a random pass<em>phrase</em> instead of, say, <code>ipz2!az8k%0h</code>?</h2>
  <p>There are dozens of random password generators out there that will happily put together a bunch of random characters for you to use as a password. These random passwords are secure, but they&#39;re a huge pain to actually remember.</p>
  <p>Random passphrases provide the best combination of <strong><u>memorability</u></strong> and <strong><u>security</u></strong>.</p>
  <p>By way of example, here are two passwords with similar crackability:</p>
  <table>
  <thead>
  <tr>
  <th>Password</th>
  <th>Time to crack</th>
  </tr>
  </thead>
  <tbody>
  <tr>
  <td><code>p%9y#k&amp;yFm?</code></td>
  <td>Approximately 90,182,663 centuries</td>
  </tr>
  <tr>
  <td><code>logic finite eager ratio</code></td>
  <td>Approximately 189,658,722 centuries</td>
  </tr>
  </tbody>
  </table>
  <p>Which would you rather remember?</p>
  <h2 id="fine-you-ve-convinced-me-i-ll-use-a-passphrase-what-else-can-i-do-to-increase-my-security-">Fine, you&#39;ve convinced me. I&#39;ll use a passphrase. What else can I do to increase my security?</h2>
  <p>The recipe for perfect password management is straightforward.</p>
  <h3 id="1-use-a-password-manager-">1. Use a password manager.</h3>
  <p>Firefox, Chrome, Safari and Internet Explorer all have built in password managers. But if you plan to use your passwords across devices, you probably should use one of these:</p>
  <ul>
  <li><a href="//agilebits.com/onepassword"><strong>1 Password</strong></a> (Windows, Mac, iOS, Android)</li>
  <li><a href="//lastpass.com/"><strong>LastPass</strong></a> (iOS, Android; Chrome plugin works on Windows, Mac, Linux)</li>
  <li><a href="keepass.info/"><strong>KeePass</strong></a> (Linux, Windows, Mac, Android)</li>
  </ul>
  <h3 id="2-use-a-strong-u-master-password-u-for-your-password-manager-">2. Use a strong <u>master password</u> for your password manager.</h3>
  <p>This is when a passphrase would be especially useful.</p>
  <h3 id="3-use-a-different-passphrase-for-every-site-">3. Use a different passphrase for every site.</h3>
  <p><span style="color: #000;">belief romanian bridge profit</span><br><span style="color: #333;">arts started bundle disease</span><br><span style="color: #666;">delay gradual asset centers</span><br><span style="color: #999;">keating post warburg johnson</span><br><span style="color: #AAA;">efforts denying billed buy</span><br><span style="color: #CCC;">whose category fonts mutual</span><br><span style="color: #EEE;">easing autonomy weight five</span></p>
  <p>And so on.</p>
  <h2 id="should-i-really-be-getting-my-password-from-a-website-">Should I really be getting my password from a website?</h2>
  <p>Honestly? Probably not. But in this page&#39;s defense, it makes <strong>zero</strong> external calls (no images, no javascript). Check your browser&#39;s network tab to verify. The passwords are all created by code contained in this page, and they are never stored.</p>
  <p>For extra security, this page is designed to run entirely offline: <a href="/generate_passphrase.html" download>save</a> this page to your hard drive, disconnect from the internet, and open it in a browser. This way you can assure that the passwords are not being transmitted anywhere.</p>
  <p>And for the truly paranoid, I recommend something called <a href="http://world.std.com/~reinhold/diceware.html">diceware</a>, which is a completely offline, non-computer based method of creating passphrases. It involves six dice, and a printed wordlist. The author also recommends you close your blinds while doing it.</p>
  <h2 id="thanks-for-reading-and-stay-secure-">Thanks for reading, and stay secure!</h2>
</div>
<div class="footer">
  <div class="container">
    <p><b>Credits:</b>
    <p>The password strength algorithm uses <a href="https://github.com/dropbox/zxcvbn">zxcvbn.js</a>, which was created by Dropboxer <a href="https://github.com/lowe">Dan Wheeler</a>. Site created by <a href="http://www.twitter.com/mikehearn" target="_blank">@mikehearn.</a></p>
    <p>Bytes Unlimited, ©, 2012</p>
    <p><b>Legal &amp; Tech:</b></p>
    <p>The algorithm assumes 10,000 guesses per second, which is consistent with passwords hashed using bcrypt, scrypt or PBKDF2. If a database contains passwords hashed with MD5 or SHA-256/512, then no amount of password security is really going to help.</p>
    <p>I assume no responsibility if you use a password from this site and subsequently are hacked.</div>
</div>
</div>
<script src="js/zxcvbn.js?__inline=true"></script>
<script src="js/wordlist.js?__inline=true"></script>
<script src="js/script.js?__inline=true"></script>

<script>
window.onscroll = function() {myFunction()};

var header = document.getElementById("myHeader");
var sticky = header.offsetTop;

function myFunction() {
  if (window.pageYOffset > sticky) {
    header.classList.add("sticky");
  } else {
    header.classList.remove("sticky");
  }
}
</script>

</div>
</body>
</html>