NARPassword is a utility to generate a non-random password based on a personal pass phrase and password name. It supports password options like length and what types of characters to include. The source code is available in both C# and Java.
The goal of this application is to produce passwords that are very unlikely to show up in a dictionary attack. It does not store generated passwords or pass phrases. I am not aware of a way to reverse a password generated by NARPassword back to the password + pass phrase combination that created it. I also flunked out of junior college so there's that to consider.
I make no guarantees about the security of your accounts if you use NARPassword. Someone who is determined to hack you will not be deterred by long random-looking passwords. If your system has been compromised with a keylogger or the like this will not help at all. If you use different password names and/or pass phrases for every online account then it will offer some protection against someone using one compromised account to access other accounts. That is the main intent of NARPassword.
Look at it this way, let's say you have an account on a hypothetical site called "Acebook" that "accidentally" stored millions of passwords in plain text and left them somewhere easy for hackers to reach. Said hackers then write scripts that try all these account name + password combinations on literally every site on the internet. Just having a different password on each site buys you a lot of security for a low cost. If the passwords are complex then you are also protected against an attack that tries the top 1,000,000 most frequently used passwords against your account.
I don't care if you use my application. I really don't, I'll sleep just fine with zero downloads. Please use something though. Using unique, complex passwords for each site is something everyone needs to do now. You have a password that's been compromised already even if you don't know it.
There are a couple different things in this repository:
- Java library (no UI)
- Java Swing UI - runs on anything that supports Swing
- JavaFX UI - runs on anything that supports Java 11 + OpenJFX, only explicitly tested on Ubuntu and Windows
- .NET UI - runs on Windows and Linux via Mono
- Android UI - this mostly exists for me to learn how to build Android apps, it's built against a now old version of the SDK, I don't plan to release it on an app store
The JavaFX version is the only one being actively maintained at the moment. This is simply because I think JavaFX is a fun way to write UIs quickly. The JavaFX version also has a (very) crude set of features to save password settings that's not in the other versions. The JavaFX version also intentionally uses a code style designed to annoy people who comment on Java development sites.
In general the UI code is not well organized and is almost as ugly as the UI itself. I'm very bad at UI development but will try to at least make the JavaFX version less awful.
The Java versions are dependent on https://github.com/huguesjohnson/DubbelLib - which will be bundled into releases. If you're planning to build from source though then you know what you need to do.
Links
Project page - https://huguesjohnson.com/narpassword/