diceware-site

A service that makes automatic password generation easy and secure.

Generated passwords are capable of meeting the majority of websites' odd password requirements, which typically require upper&lowercase letters, a number, and a symbol (this is not an endorsement of those requirements, just a tool to work within them quickly).

The server generates passwords server-side, not client-side. Generated passwords are not stored.

Table of contents

• diceware-site
  • Table of contents
  • Run it quickly
  • Run it quickly, with TLS
  • Setup
    • Build with golang
  • Attributions
  • Disclaimers
  • Related projects

Run it quickly

By default, the extended word list is not used. It can be enabled with the -x flag.

podman run --rm -it -p "127.0.0.1:29102:29102" \
  ghcr.io/charles-m-knox/diceware-site:latest

Run it quickly, with TLS

Normally, the site would be run behind a TLS-terminating reverse proxy like Caddy. However, given this generates passwords, you may want the site to serve via your preferred TLS certificates.

make gen-tls-certs # requires interactive prompts to be answered

podman run --rm -it \
  -v "${PWD}/cert.pem:/cert.pem:ro" \
  -v "${PWD}/key.pem:/key.pem:ro" \
  -p "127.0.0.1:29103:29102" \
  ghcr.io/charles-m-knox/diceware-site:latest \
    /diceware-site -cert /cert.pem -key /key.pem -addr 0.0.0.0:29102

Setup

These files come from this repository. They are tracked via git lfs, so make sure you have that working.

Build with golang

git clone https://github.com/charles-m-knox/diceware-site.git

cd diceware-site

go get -v

# build without cgo for compatibility on some cloud systems
# see `go tool dist list` for supported build targets
GOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build -o diceware-site
make gen-tls-certs # requires interactive prompts to be answered
./diceware-site

Test it out:

curl -kv https://localhost:29102

Attributions

Word lists come from:

• https://github.com/dwyl/english-words
• https://github.com/ulif/diceware

Disclaimers

• This project uses the standard built-in Go cryptographic random number generation algorithms. That being said, I cannot guarantee that any password generated by this tool will keep you safe from being compromised.
• Additionally, the code in this project is far from perfect. I are sharing this code with the community without any warranty. Use it at your own discretion.
• This service absolutely does not store any data about its users. Frankly, I don't want your data.

Related projects

I've also written a standalone GUI written in FLTK that offers the same functionality. You can see it here at git.cmcode.dev/cmcode/go-fltk-diceware.