By RWTH Aachen University
Open the Mac App Store to buy and download apps.
RPG is a tool for generating human-readable passwords that strives at being as simple as possible
- Passwords are generated from syllables, numbers, and symbols
- Syllables can be capitalized to enhance security at a very low cost for the user.
- Symbols are picked from the iPhone's first (Symbols 1) and second (Symbols 2) keyboard layout to allow quick entry on your mobile phone.
- Certain characters can be excluded from the password generation process to avoid typographical similarities (l vs. I)
- For each password a secure hash (SHA-1) is generated consisting of 40 HEX characters, which can be used for extra strong passwords.
- A minimized version of the RPG window stays on top of other applications to aid password entry where copy&paste is not available.
What's New in Version 1.01
If RPG crashes after updating to this version (1.01), please delete your previous application settings by running the following command in Terminal: rm -Rf ~/Library/Containers/de.rwth-aachen.hci.rpg
This problem is caused by the transition to using the application sandbox. We are very sorry for the inconvenience.
Filter for bad words in the generated password
Average to poor App; poor support
The app looked like a simple to use App for generating throw away passwords for sites that wants one (it seems like every site wants one). The UI was clean, and it looked like it was easy to use.
Unfortunately, the app has a few problems. First, when the first three boxes are checked to provide criteria/requirements (Capitalize, Numbers, Symbols 1), then the generator sometimes omits the number. This will cause a failure when password requirements require a number in the set.
Second, the longest password we can generate is 14, which results in low entropy for the password. Since I use this app for throw away passwords, I prefer 20 to 32 characters. At 1-1.5 bits of entropy per character in US English, RPG can oly generate passwords with about 14 to 20-bits of security. At 20 to 32 characters, we can get to a semi-modern 30 to 50-bits of security.
Thrid, the length problem was reported in the past. It was never acknowledged or fixed, so that leads to the "poor support" observation.
There does not seem to be a reason for the transparency in the single panel of the program. It really is visually confusing. Other than that, a well thought out design.