{
"info": {
"author": "Raspberry Aether",
"author_email": "raspberryaether@riseup.net",
"bugtrack_url": null,
"classifiers": [
"Development Status :: 3 - Alpha",
"Environment :: Console",
"License :: OSI Approved :: GNU General Public License v2 (GPLv2)",
"Natural Language :: English",
"Programming Language :: Python :: 2",
"Programming Language :: Python :: 2.7",
"Topic :: Security",
"Topic :: Security :: Cryptography",
"Topic :: Utilities"
],
"description": "Introduction\n============\n**dwpwg**, the **d**ice**w**are **p**ass**w**ord **g**enerator...\n\n...is a Diceware-inspired passphrase/keyphrase construction utility.\n\nTL;DR\n=====\nIf you don't quite understand this section, skip to the next section,\nand *read the whole page*. More detailed instructions follow.\n\nYou will need at least one d20. Run:\n\n sudo pip install dwpwg\n dwpwg --help\n\nDo not use fewer than 4 words for anything.\nDo not use fewer than 8 words for an encryption key.\nDo not use fewer than 12 words for anything involving cryptocurrency.\n***NEVER LOSE A CRYPTOGRAPHIC KEYPHRASE,*** or everything will be gone forever.\nYou have been warned.\n\nWhy?\n====\n\nFirst, read:\n \n\nIt is easy for humans to think up terrible passwords. As a matter of fact, it\nis reasonable to assume that humans are incredibly lousy at thinking up anything\nthat is meant to be random and unguessable. Because of an illogical yet\nnear universal misconception that \"hard to remember == hard to guess\", we use\nweaker passwords than we should, and to add insult to injury, we forget them.\n\nDiceware is a method invented by one Arnold G. Reinhold for generating \neasy-to-remember passwords which are also extremely difficult for even a\npowerful supercomputing cluster to guess.\n\nMore required reading:\n \n\nAbout\n=====\n\nDespite its name, this program is not intended to generate random passwords.\nIt is designed, instead, to generate random word lists, and create passwords\nfrom a very small, randomised subset of those wordlists using entropy generated\nusing 20-sided dice normally used for tabletop gaming.\n\nNote that in this modern age, it no longer makes (and maybe never did make) you\na crazy person to believe that you may be being watched. In such a case, from \na security perspective, dwpwg does as good or only slightly better than an \nordinary random password generator; all of its utility will manifest in the \neasy-to-remember passwords it will help you generate.\n\ndwpwg thrives, however, in the art of cryptographic keyphrase generation. In a\ncase where an adversary has purposefully debilitated the pseudorandom number \ngenerating software on your computer, they can theoretically weaken any\nencryption keys generated therewith. However, assuming that:\n\n - your machine is offline and/or free of keyloggers/rootkits, and\n - dwpwg itself is intact, and \n - the Python interpreter on your machine, its operating system, or the machine\n itself has not been compromised in a way more or less *specifically \n targeting dwpwg*, \n\nan attacker would have to compromise *both* your computer's pseudorandom number\ngeneration routines AND your dice in order to effectively mount a reduced \nkeyspace attack against you.\n\nA \"super paranoid\" mode is in development to tackle the remaining concerns\nabove by allowing a list to be printed and used offline (albeit with much of\nthe convenience understandably lost). This mode is superior to simply using an\nalready-constructed wordlist because an attacker necessarily must compromise\nboth your dice and your list in order to have an easier time guessing your \npassphrase. Using a publicly-available list hands them half of the puzzle for\nfree.\n\nInstalling\n==========\n\nPrerequisites:\n- Python 2.7.x\n- pip\n- an Internet connection\n\ndwpwg is available from PyPI using ```pip install dwpwg```. Depending on your\nenvironment, you will probably need to be root (on GNU/Linux) or running as\nAdministrator (on Windows). Run:\n\n pip install dwpwg\n\nIf you prefer to run the development version of dwpwg, or to run it in-place\nrather than installing, that is possible too:\n\n git clone https://github.com/raspberryaether/dwpwg.git\n cd dwpwg\n python -m dwpwg --help\n\nIt is also possible to manually create and install the dwpwg package locally.\nPerform the steps above to get the development version, then, as root or\nAdministrator:\n\n python setup.py install\n\n\nDetailed usage instructions\n===========================\n\nThis is a command-line utility. If you are this concerned with security, we will\nassume you have at least general knowledge of how to execute one. If you do not,\nwe strongly suggest you get familiar with it. In today's political climate, \nthings are only going to get worse for those who rely on cushy UIs for \neverything.\n\nYou'll need to have at least one 20-sided die, though the more you can roll\nat once, the faster entropy generation will go. Using a dice cup will improve\nyour speed (faster rolls), convenience (no \"cleanup\" or \"runaways\"), and \nsecurity (smaller viewing angle for eavesdroppers and an arguably \nharder-to-analyse acoustic profile). Just be sure to actually shake the dice,\nnot just swirl them around.\n\nYou followed the installation instructions above, right? Good. Run the following:\n\n dwpwg \"{.} {.} {.} {.}\"\n\nreplacing the given pattern with a custom one of your choice if desired.\n\nPatterns are constructed as follows:\n- `{.}` is replaced by a lowercase word.\n- `{+}` is replaced by a Capitalized word.\n- `{@}` is replaced by an ALL-CAPS word.\n- `{%}` is replaced by the numerical value of one dice roll.\n- `{#42}` is replaced by a number no higher than 42.\n- `{{` is replaced by `{` as soon as it is encountered.\n- `}}` is replaced by `}` if there is no currently open brace.\n- any other character is treated as a literal (kept unchanged).\n\nFor example, the pattern:\n {{octothorpe_{@}.{%}-{#1000}[{+}{.}]}}\n\nmay output the passphrase:\n {octothorpe_RAZOR.12-254[Applynougat]}\n\nFollow onscreen instructions. Press ENTER after entering each individual die\nroll.\n\nYour password will be displayed in plaintext on the last line. Physically \nsecure your device as necessary. When in doubt, close your shades, lock your \ndoor, wear a tinfoil hat (that one is a joke, but we are sure it won't hurt \nanything if you insist), and do it all over again.\n\nDo not use fewer than 4 words for anything.\nDo not use fewer than 8 words for an encryption key.\nDo not user fewer than 12 words for anything involving cryptocurrency.\n***NEVER LOSE A CRYPTOGRAPHIC KEYPHRASE,*** or everything will be gone forever.\n\nDO NOT LOSE YOUR PASSWORD; **ESPECIALLY IF IT IS FOR ENCRYPTION OR \nCRYPTOCURRENCY**. If in doubt, **write it down** and put it somewhere **safe**\nfrom prying eyes, fire, and flood alike. Make an hourly habit of reciting your \npassphrase inside your head.\n\nREMEMBER: **If you lose an encryption or cryptocurrency keyphrase, all your\ndata and/or money will be gone forever**. There's only so many times we can\nwarn you. ***DO NOT LOSE YOUR KEYPHRASE.***\n\nLegal\n=====\n\ndwpwg\n-----\n\ndwpwg - (d)ice(w)are (p)ass(w)ord (g)enerator\nCopyright (C) 2017 Raspberry Aether\n\nThis program is free software; you can redistribute it and/or\nmodify it under the terms of the GNU General Public License\nas published by the Free Software Foundation; either version 2\nof the License, or (at your option) any later version.\n\nThis program is distributed in the hope that it will be useful,\nbut WITHOUT ANY WARRANTY; without even the implied warranty of\nMERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\nGNU General Public License for more details.\n\nYou should have received a copy of the GNU General Public License\nalong with this program; if not, write to the Free Software\nFoundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.\n\nWord lists\n----------\n\nThough the copyright status of word lists is dubious at best, the author of the\nwordlists used by dwpwg releases it under the terms of the GNU GPLv2, and we do\nnot wish to ruffle any feathers. Therefore, to simplify things, we released this\napplication, and the heavily-modified wordlists within, under the same licence.\n\nCopyright information for the word source(s):\n\n Copyright (c) Frank Richter 1995-2016\n GNU General Public License, see COPYING for details\n It comes with ABSOLUTELY NO WARRANTY.\n\nAt the time of this writing, the master word list was available at:\n\n \n\nNote that the master word list is a German-to-English translation dictionary\nand, therefore, had to be processed beyond recognition in order to create the\nwordlists distributed with this application. Of course, you may use our modified\nlists under the terms of the same licence as the source material.\n\nSupport us\n==========\n\nWe accept donations in cryptocurrency.\n\n| Currency | Address | QR |\n| -------- | ------- | --- |\n| Monero | 45DmoRGs9wLUXNBvHo7pS6Wg1VuVQJHsg1
eCRrNCgGxSf6n6oep1daE2eo3wNUZAoyDz
y94HNFRUogn2oAVup7WCAqDJmHp |  |\n| Bitcoin | 144PQPFa2sVm7mGHdSayk8VjzFVzSbBMCM |  |\n\n\nThank you for your generosity.\n",
"description_content_type": null,
"docs_url": null,
"download_url": "UNKNOWN",
"downloads": {
"last_day": -1,
"last_month": -1,
"last_week": -1
},
"home_page": "https://github.com/raspberryaether/dwpwg",
"keywords": "diceware,password,passwords,passphrase,passphrases,security,bitcoins,monero,crypto,cryptocurrency,key,keys,keyphrase,keyphrases,encryption,nsa,surveillance,privacy,private,secret,secrecy,generate,generator,dice,d20,brainwallet,wallet",
"license": "UNKNOWN",
"maintainer": null,
"maintainer_email": null,
"name": "dwpwg",
"package_url": "https://pypi.org/project/dwpwg/",
"platform": "UNKNOWN",
"project_url": "https://pypi.org/project/dwpwg/",
"project_urls": {
"Download": "UNKNOWN",
"Homepage": "https://github.com/raspberryaether/dwpwg"
},
"release_url": "https://pypi.org/project/dwpwg/0.0.2/",
"requires_dist": null,
"requires_python": null,
"summary": "(d)ice(w)are (p)ass(w)ord (g)enerator",
"version": "0.0.2"
},
"last_serial": 2618809,
"releases": {
"0.0.1": [
{
"comment_text": "",
"digests": {
"md5": "7a860bfdee77ec5e95ec95f4d0b82c8b",
"sha256": "dacb2a6bae3d219df7deb260ca79088ed06aebbf402cb4ae455c926028e8ca01"
},
"downloads": -1,
"filename": "dwpwg-0.0.1.tar.gz",
"has_sig": false,
"md5_digest": "7a860bfdee77ec5e95ec95f4d0b82c8b",
"packagetype": "sdist",
"python_version": "source",
"requires_python": null,
"size": 151704,
"upload_time": "2017-01-30T06:41:02",
"url": "https://files.pythonhosted.org/packages/ee/b5/3084ab0f49447b16e562f181da61fae87e854190d298c444c974272d5de7/dwpwg-0.0.1.tar.gz"
}
],
"0.0.2": [
{
"comment_text": "",
"digests": {
"md5": "f09e74a657281b85e8f1b234582f72b5",
"sha256": "b07dd12f324a6ceabbf9ff3361e61af5703320103ce74a9eb27d34b359223e14"
},
"downloads": -1,
"filename": "dwpwg-0.0.2.tar.gz",
"has_sig": false,
"md5_digest": "f09e74a657281b85e8f1b234582f72b5",
"packagetype": "sdist",
"python_version": "source",
"requires_python": null,
"size": 153233,
"upload_time": "2017-02-04T11:14:54",
"url": "https://files.pythonhosted.org/packages/ed/98/c6f6bc14869ce4ebeb9172bec9fc5a804919d4f1d79db6c15ef239daec5b/dwpwg-0.0.2.tar.gz"
}
]
},
"urls": [
{
"comment_text": "",
"digests": {
"md5": "f09e74a657281b85e8f1b234582f72b5",
"sha256": "b07dd12f324a6ceabbf9ff3361e61af5703320103ce74a9eb27d34b359223e14"
},
"downloads": -1,
"filename": "dwpwg-0.0.2.tar.gz",
"has_sig": false,
"md5_digest": "f09e74a657281b85e8f1b234582f72b5",
"packagetype": "sdist",
"python_version": "source",
"requires_python": null,
"size": 153233,
"upload_time": "2017-02-04T11:14:54",
"url": "https://files.pythonhosted.org/packages/ed/98/c6f6bc14869ce4ebeb9172bec9fc5a804919d4f1d79db6c15ef239daec5b/dwpwg-0.0.2.tar.gz"
}
]
}