Show HN: Memorable but hard to crack password generator

As mentioned these passwords aren&#x27;t hard to crack.<p>Anything based on a word list is going to be inherently easy to crack, and with a predictable format like word-separator-word, it is even easier.<p>I realise this is a fun weekend project, and learning new languages is always a good thing, but I think it&#x27;s a little irresponsible to make any claims that these passwords are secure.<p>Also as mentioned, if people were to actually use this for password generation it should be behind SSL, although I would discourage anyone from using passwords generated by a remote service.

Having uncommon words doesn&#x27;t make a password hard to crack, they&#x27;re in the dictionary just the same.

Assuming a generous 1000000 words in the dictionary, and any non-letter ASCII printable separator allowed as a separator, this is equivalent to a 9 character random password with just lower case letters and digits, or a 7 character random password if all printable ASCII is allowed. It&#x27;s about 46 bits of entropy. That is a bit low by modern minimum acceptable password length standards.

Should this not be behind SSL? Looks good though.

Pretty cool! What does the &quot;&lt;huge number&gt; to one&quot; mean exactly?

john --wordlist