PHPackages elcodedocle/chbspassgen - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. elcodedocle/chbspassgen ActiveClass[Security](/categories/security) elcodedocle/chbspassgen ======================= Safe and easy to remember high entropy password generator. Dictionary based, yet brute force resistant. 0.1.0(1y ago)2231MITPHPPHP >=5.3.0 Since Sep 2Pushed 1y ago1 watchersCompare [ Source](https://github.com/elcodedocle/chbspassgen)[ Packagist](https://packagist.org/packages/elcodedocle/chbspassgen)[ Docs](https://github.com/elcodedocle/chbspassgen)[ RSS](/packages/elcodedocle-chbspassgen/feed)WikiDiscussions master Synced 1mo ago READMEChangelog (1)Dependencies (1)Versions (2)Used By (0) chbspassgen =========== [](#chbspassgen) ##### Generate strong passwords you can easily remember, with lots of entropy [](#generate-strong-passwords-you-can-easily-remember-with-lots-of-entropy) Copyright (C) 2014 Gael Abadin License: [MIT Expat](https://raw.githubusercontent.com/elcodedocle/chbspassgen/master/LICENSE) [![chbspassgen password generator test site snapshot with default settings](webapp-screenshot.png "This is how chbspassgen's test web app looks like. Check it out on https://synapp.info/password-generator ;-) )")](webapp-screenshot.png) ### Motivation [](#motivation) I wanted to build a class able to pick random words from a dictionary in a safe way, so they could be suggested as safe passwords ([Correct, horse. That's a battery staple](http://xkcd.com/936/)). ### How to use [](#how-to-use) Basic usage: ``` require_once 'cryptosecureprng/CryptoSecurePRNG.php'; require_once 'dictionary/DictionaryInterface.php'; require_once 'dictionary/Dictionary.php'; require_once 'PasswordGeneratorAbstract.php'; require_once 'PasswordGenerator.php'; $passwordGenerator = new synapp\info\tools\passwordgenerator\PasswordGenerator(); // Expects a dictionary generated from a source on a file named 'top10000.txt' $password = $passwordGenerator->generatePassword(); // Generates a password with default settings $entropy = $passwordGenerator->getEntropy(); // entropy of the last generated password (won't change unless you change settings) ``` That's it. Pretty easy, huh? There are many parameters you can tinker with, though: ``` // Here is a quick debrief on the class constructor parameters (See the phpdoc blocks for more info): $passwordGenerator = new synapp\info\tools\passwordgenerator\PasswordGenerator( // the dictionary // (null defaults to new Dictionary($this->defaultDictionaryFilename,$minReadWordsWordSize)) // with $this->defaultDictionaryFilename set to 'top10000.txt' $dictionary = null, // set the level of entropy used when none is explicitly specified on the generatePassword() call // (null defaults to $this->defaultLevel, set to 2) $level = 2, // a string of unique chars from where to randomly choose the password separator // (null defaults to $this->defaultSeparator, set to ' ') $separators = ' ', // an ascending ordered array of ints containing the minimum entropies for each level // (null defaults to $this->defaultMinEntropies, set to array(64,80,112,128)) $minEntropies = array(64,80,112,128), // boolean, whether to use selected random variations on the password words to increase entropy // defaults to true $useVariations = false, // (array of booleans which activate random variations on the words, increasing entropy. // Valid keys: 'allcaps', 'capitalize', 'punctuate', 'addslashes'). Use null for defaults. $variations = null, // Minimum length of the words used to create the password // (null defaults to $this->defaultMinWordSize, set to 4) $minWordSize = 4, // Minimum length of the words read from the dictionary source // (null defaults to $this->defaultMinReadWordsWordSize, set to 4) $minReadWordsWordSize = 4, //(minimum length of the words read from the Dictionary source) // the pseudoaleatory random generator (new CryptoSecurePRNG() by default) $prng = new synapp\info\tools\passwordgenerator\cryptosecureprng\CryptoSecurePRNG() ); // generatePassword method takes almost the same parameters as the contructor: $password = $passwordGenerator->generatePassword( $dictionary = null, // use null to skip parameters (set to the current setting) $minEntropy = null, // and here too, and anywhere else when you want to $level = 1, // specify further parameters like this one $separators = '_ -', // and this one $useVariations = true, // and this one $variations = array( // and this one too 'allcaps'=>true, // (BTW, this system also works in the constructor, where you can 'capitalize'=>true // specify some params and leave others to their defaults using null) ) ); // getEntropy can return a pretty accurate estimate of the entropy of the last generated // password, but can also be given a password and a set of parameters to extract its entropy $entropy = $passwordGenerator->getEntropy( $password, $dictionary = null, $variationsCount = null, $lastOrSeparator = true, $separatorsCount = null ); ``` Check the code (or generate the docs using phpdocumentor) if you want more info on tweaks and available parameters. ### Web app [](#web-app) There is also available a little demo web app ([passgenController.php](https://github.com/elcodedocle/chbspassgen/blob/master/webapp/passgenController.php), [passgenClientController.js](https://github.com/elcodedocle/chbspassgen/blob/master/webapp/passgenClientController.js) and [password\_generator.html](https://github.com/elcodedocle/chbspassgen/blob/master/webapp/password_generator.html)) you can load by uploading all the files to a public folder on your web server and pointing your browser to password\_generator.html Here is a demo: ### Acks [](#acks) Caffeine. [Peter Norvig](http://norvig.com/) for being such an awesome professor (Check out his [Stanford University course on AI](https://www.udacity.com/course/cs271)) and publishing the [compilation of the 1/3 million most frequent English words](http://norvig.com/ngrams/count_1w.txt) on the [natural language corpus data ](http://norvig.com/ngrams/)from where the [word list](https://github.com/elcodedocle/chbspassgen/blob/master/top10000.txt) used by the default dictionary source for this project has been derived (Also thanks to [Josh Kaufman](https://github.com/worldlywisdom) too for the tip). [Randall Munroe](http://xkcd.com). He is funny, smart, and inspiring. Thanks, Mr. Munroe. And that's all for now, folks. If you like this project, feel free to buy me a beer ;-) bitcoin: 1A7rSMddjwPbxFW71ZD724YaQLa8HCAJTT dogecoin: DAQBLYtCjBnZ8eGdcaR7kE517Ew5tptUeW paypal: Have fun.- ### Health Score 20 — LowBetter than 14% of packages Maintenance34 Infrequent updates — may be unmaintained Popularity10 Limited adoption so far Community8 Small or concentrated contributor base Maturity24 Early-stage or recently created project Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Unknown Total 1 Last Release 622d ago ### Community Maintainers ![](https://avatars.githubusercontent.com/u/3731026?v=4)[elcodedocle](/maintainers/elcodedocle)[@elcodedocle](https://github.com/elcodedocle) --- Top Contributors [![elcodedocle](https://avatars.githubusercontent.com/u/3731026?v=4)](https://github.com/elcodedocle "elcodedocle (17 commits)") --- Tags high entropypassword generatorpassword securitysecure password ### Embed Badge ![Health badge](/badges/elcodedocle-chbspassgen/health.svg) ``` [![Health](https://phpackages.com/badges/elcodedocle-chbspassgen/health.svg)](https://phpackages.com/packages/elcodedocle-chbspassgen) ``` ### Alternatives [defuse/php-encryption Secure PHP Encryption Library 3.9k162.4M214](/packages/defuse-php-encryption)[roave/security-advisories Prevents installation of composer packages with known security vulnerabilities: no API, simply require it 2.9k97.3M6.4k](/packages/roave-security-advisories)[mews/purifier Laravel 5/6/7/8/9/10 HtmlPurifier Package 2.0k16.7M113](/packages/mews-purifier)[robrichards/xmlseclibs A PHP library for XML Security 41278.1M118](/packages/robrichards-xmlseclibs)[bjeavons/zxcvbn-php Realistic password strength estimation PHP library based on Zxcvbn JS 86917.5M63](/packages/bjeavons-zxcvbn-php)[illuminate/encryption The Illuminate Encryption package. 9229.7M280](/packages/illuminate-encryption) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)