paspio

paspio is a library that can help you determine the level of entropy of a password to measure its unpredictability against brute force attacks.

1. Installation

1.1. Installing the library in your own project

Add the following to your project's Cargo.toml file:

paspio = "0.3"

1.2. Installing the command-line utility

  • Cargo:
cargo install paspio
  • Arch User Repositories:
git clone https://aur.archlinux.org/paspio-git.git
cd paspio-git
makepkg -si

1.3. Building the project from source

git clone https://git.sr.ht/~grtcdr/paspio
cd paspio
cargo build --release

2. Usage

This section illustrates a few examples of what it is like to use paspio in the shell and how it integrates with other security tools.

2.1. Generating a password with pwgen and verifying its entropy:

password=$(pwgen -sync 24 1)
entropy=$(paspio "$password")
echo "${password} - ${entropy}"
gx|jk4+16`,OLfr<(Z(kx9jS - 157.31 bits

2.2. Parsing the password entropy from a set of passwords

Here's our set:

Passwords
passw0rd
as0nahKainj
9fjxQvHuWTA5opx9r2i
-eW!v8y3bmwLbs_(Exf5Xs4!&r

Return the entropy of the individual passwords:

for password in $set; do
 entropy=$(paspio "$password")
 echo "${password} ${entropy}" | awk '{ print $1, $2 }'
done
Password Entropy
passw0rd 41.36
as0nahKainj 65.5
9fjxQvHuWTA5opx9r2i 113.13
-eW!v8y3bmwLbs_(Exf5Xs4!&r 170.42

2.3. Analyzing the difference in entropy between a set of passwords

weaker_password=$(pwgen 8)
stronger_password=$(pwgen -sync 16)

weaker_password_entropy=$(paspio $weaker_password)
stronger_password_entropy=$(paspio $stronger_password)

echo "${weaker_password} is ${weaker_password_entropy}"
echo "${stronger_password} is ${stronger_password_entropy}"
Loosh7ko is 47.63 bits
JhB#>xqF8[MTmnqn is 104.87 bits