Google Chrome password generator algorithm.

The application runs 100% locally, we do not track anything.

npm install chromepass
// or
npm install git+ssh://[email protected]/jojoee/chromepass
// or run globally
npm install -g chromepass
chromepass
chromepass 10

// commonjs
const { generator } = require('chromepass').default.v1
for (let i = 0; i < 10; i++) {
  const password = generator()
  console.log(password)
}

// ES6
import chromepass from "chromepass"
const generator = chromepass.v1.generator
for (let i = 0; i < 10; i++) {
  const password = generator()
  console.log(password)
}

Algorithm is described in password_generator.cc.

1. Define a set of character which contains 4 classes

   • lowercase
   • uppercase
   • number
   • special character

2. Remove characters due to visual similarity

   • l (lowercase L)
   • I (capital i)
   • 1 (one)
   • O (capital o)
   • 0 (zero)
   • o (lowercase O)

   So, we will got all possible characters in each class

   • lowercase: abcdefghijkmnpqrstuvwxyz
   • uppercase: ABCDEFGHJKLMNPQRSTUVWXYZ
   • number: 23456789
   • special character: *!-@%#.$_& (without ambiguous characters e.g. {}[]()/\'":;)

3. Generate

   3.1 Random minimum character of each class - lowercase: 1 character - uppercase: 1 character - number: 1 character - special character: 1 character

   3.2 Random the rest evenly, until met 15 character length

4. Shuffle up to 5 if found -- and __ in a generated password to improve readability

• How do I decide whether @types/* goes into dependencies or devDependencies?
• Chrome generated passwords not high entropy?
• Secure Password Generator