{"id":25422270,"url":"https://github.com/collegeman/fuerte","last_synced_at":"2025-10-31T12:30:39.274Z","repository":{"id":56956643,"uuid":"323671237","full_name":"collegeman/fuerte","owner":"collegeman","description":"A strong password generator with no dependencies, for JavaScript and PHP, Laravel and WordPress.","archived":false,"fork":false,"pushed_at":"2023-05-01T13:36:17.000Z","size":510,"stargazers_count":26,"open_issues_count":2,"forks_count":2,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-01-15T14:30:32.891Z","etag":null,"topics":["generator","javascript","laravel","passwords","php","wordpress"],"latest_commit_sha":null,"homepage":"https://makepass.dev","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/collegeman.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2020-12-22T16:00:00.000Z","updated_at":"2022-08-11T18:11:55.000Z","dependencies_parsed_at":"2022-08-21T08:50:42.885Z","dependency_job_id":null,"html_url":"https://github.com/collegeman/fuerte","commit_stats":null,"previous_names":[],"tags_count":3,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/collegeman%2Ffuerte","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/collegeman%2Ffuerte/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/collegeman%2Ffuerte/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/collegeman%2Ffuerte/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/collegeman","download_url":"https://codeload.github.com/collegeman/fuerte/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":239120222,"owners_count":19584980,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["generator","javascript","laravel","passwords","php","wordpress"],"created_at":"2025-02-16T21:24:12.823Z","updated_at":"2025-10-31T12:30:39.240Z","avatar_url":"https://github.com/collegeman.png","language":"PHP","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Fuerte is a strong password generator with no dependencies\n\n\"Through 20 years of effort, we've successfully trained everyone\nto use passwords that are hard for humans to remember, but easy\nfor computers to guess.\" — [XKCD](https://xkcd.com/936/)\n\n![To anyone who understands information theory and security and is in an infuriating argument with someone who does not (possibly involving mixed case), I sincerely apologize.](https://imgs.xkcd.com/comics/password_strength.png)\n\nFuerte is a simple, strong password generator. \n\nIt can create strong \npasswords that you should be using, because they're long and\neasy to remember, like `correct horse battery staple`,\nbut it can also create the sorts of strong passwords that your bank\nand your insurance company want you to use, because they're\ncomplicated, like `Tr0ub4dor\u00263`.\n\nIn a pinch, it can even blend the two methods to create something \nlike `correct!HORSE3battery%staple`, which, while difficult to\nmemorize, is at least equally difficult for a computer to guess.\n\nThe library is available for JavaScript and PHP projects, and if\nyou're using PHP, it installs easily into Laravel and WordPress\ncodebases. \n\nAs of version `1.0.7`, both libraries use cryptographically secure \nrandom number generators.\n\n## Need a new password right now?\n\nYou can experience Fuerte in action on [makepass.dev](https://makepass.dev). Enjoy!\n\n## Quickstart Guide\n\nThere are two versions of Fuerte: one for JavaScript and one for PHP.\nBoth are a part of this codebase.\n\nYou can also use the PHP library as a WordPress plugin or as a Laravel\npackage. \n\nYou only need one of these solutions for your project, but they \ncan also be used together.\n\n### Using the JavaScript library\n\nThe Fuerte package is available via NPM:\n\n```bash\nnpm install @collegeman/fuerte\n```\n\nYou can also just download this repository, place the uncompressed files \namong your project's assets, and then load the the library:\n\n```html\n\u003cscript src=\"/assets/fuerte/dist/fuerte-lib.js\"\u003e\u003c/script\u003e\n\u003cscript\u003e\n  var password = fuerte().make() // a random, memorable password!\n\u003c/script\u003e\n```\n\nYou can also load the library via jsdeliver:\n\n```html\n\u003cscript src=\"//cdn.jsdelivr.net/gh/collegeman/fuerte@1.0.7/dist/fuerte-lib.js\"\u003e\u003c/script\u003e\n\u003cscript\u003e\n  var password = fuerte().make() // a random, memorable password!\n\u003c/script\u003e\n```\n\nOnce added to your project, you can import Fuerte's API like this:\n\n```js\nimport fuerte from '@collegeman/fuerte'\nlet password = fuerte().make() // a random, memorable password!\n````\n\n### Using the PHP library\n\nThe Fuerte package can be installed using Composer:\n\n```bash\ncomposer require collegeman/fuerte\n```\n\nAssuming there are no other functions in your codebase named `fuerte`, you can\nuse Fuerte like this:\n\n```php\n\u003c?php\nrequire __DIR__.'/vendor/autoload.php'; // bootstrap composer's autoloader\n$password = fuerte()-\u003emake(); // a random, memorable password!\n```\n\nIf a conflict exists preventing the helper function from being created, you\ncan access Fuerte via its facade:\n\n```php\n\u003c?php\nuse Collegeman\\Fuerte\\Fuerte;\n$password = Fuerte::make(); // a random, memorable password!\n```\n\n### Using the PHP library in a Laravel project\n\nWhen installed via Composer into a Laravel project, an alias is created \nautomatically, allowing you to access Fuerte from anywhere:\n\n```php\n\u003c?php\n$password = \\Fuerte::make(); // a random memorable password!\n```\n\nThe helper function `fuerte()` is also available.\n\n### Using the PHP library in a WordPress project\n\nIf you're building a WordPress site on [Bedrock](https://roots.io/bedrock),\njust install Fuerte into your project using Composer.\n\nTo install Fuerte into any other WordPress site, first download this repository,\nthen upload the uncompressed files into your site's `plugins` folder into\na subfolder named `fuerte`. Then, activate the plugin.\n\nThere are in-code configuration options. See [WordPress plugin configuration](#wordpress-plugin-configuration), below.\n## Configuring the generator\n\nWhether you are using the JavaScript library or the PHP one, Fuerte's API\nis the same: it's fluent, allowing you to chain method invocations together\nto configure the generator and then make a password, like this:\n\n```js\nlet password = fuerte().memorable().separator('.').capitalize().size(6).make() \n// e.g., \"hedge.pace.DIME.charm.onion.trick\"\n```\n\nThe same code, in PHP:\n\n```php\n\u003c?php\n$password = fuerte()-\u003ememorable()-\u003eseparator('.')-\u003ecapitalize()-\u003esize(6)-\u003emake();\n// e.g., \"snout.exit.SCUBA.watch.silly.hash\"\n```\n\nBecause the API is consistent across platforms, all remaining examples use the JavaScript version.\n\n### Password type\n\nFuerte can generate three types of strong passwords: **memorable** (like `correct horse battery staple`), \n**random** (like `Tr0ub4dor\u00263`), and **PIN** (like `1234`). \n\nYou can tell Fuerte what type of password you want just by\ninvoking the type name:\n\n```js\nfuerte().memorable().make() // e.g., \"film rhyme stunt coat\"\nfuerte().random().make() // e.g., \"TlCxbiKd\"\nfuerte().pin().make() // e.g., \"476\"\n```\n\n### Length/size\n\nPassword length matters: password length not complexity is what makes a password\nhard for a computer to crack (see XKCD comic above). \n\nEach type of password has a minimum length. When you tell Fuerte what type of\npassword you want to generate, it will assume you want to use the minimum safe\nlength for that password. You can then tell Fuerte how long you want the password\nto be using the `size()` method:\n\n```js\nfuerte().memorable().size(5).make() // use 5 words: \"polo blush dug cola lance\"\nfuerte().random().size(32).make() // use 32 characters: \"mSyDqEQwZkgdUINljHiJnLsaYcWbrOuK\"\nfuerte().pin().size(6).make() // use 6 digits: 386419\n```\n\n### Separators\n\nBy default, the **memorable** password type uses spaces to separate the words\nin the password. You can tell it what you want the separator to be using\nthe `separator(string)` method:\n\n```js\nfuerte().memorable().separator('-').make() // \"stark-jog-copy-lilac\"\nfuerte().memorable().separator('.').make() // \"avoid.sleet.gas.view\"\n```\n\nSee *Symbols and Digits* below for more options.\n\n### Symbols and Digits\n\nSometimes a system will require passwords to contain symbols or digits.\n\nThe **random** password type has two additional flags you can set: `symbols()`\nand `numbers()`. These flags will ensure that the passwords generated\ncontain at least 1 of each special character:\n\n```js\nfuerte().random().numbers().make() // e.g., \"1A2oPvxR\"\nfuerte().random().symbols().make() // e.g., \"kQm#_xiA\"\nfuerte().random().numbers().symbols().make() // e.g., \"ZCJhGO5%\"\n```\n\nThe **memorable** password type supports Symbols and Digits using the\n`separator()` method. If you need a memorable password that contains\nDigits, do this:\n\n```js\nfuerte().memorable().separator('0').make() // e.g., \"chump9vixen6good9bud\"\n```\n\nIf you need a memorable password that contains Symbols *and* Digits, do this:\n\n```js\nfuerte().memorable().separator('0_').make() // e.g., \"cramp2dill#grant1coach\"\n```\n\n### Capitalization\n\nIf you need a memorable password that contains capital letters, use the\n`capitalize()` method:\n\n```js\nfuerte().memorable().capitalize().make() // e.g., \"slept taco START prior\"\n```\n\nYou can use `capitalize()` in combination with the `separator(string)` method\nto create an almost-memorable password that also satisfies the goofy requirements \nfor using complex characters: \n\n```js\nlet password = fuerte().memorable().capitalize().separator('0_').make() \n// e.g., \"tusk9query*cross9DRAB\"\n```\n\n## WordPress plugin configuration\n\nBy default, the WordPress plugin will have WordPress use Fuerte when it needs\nto generate and display a suggestion for a new password, like on the password\nreset screen:\n\n![](assets/wordpress-password-reset.png)\n\nJust click the reload button (either in the UI on the page or on the browser)\nto get another suggestion.\n\nIf you don't want Fuerte to add these features to WordPress, just add the\nfollowing code to your theme's `functions.php` or to a must-use plugin file:\n\n```php\n\u003c?php\nadd_filter('fuerte_style_passwords', '__return_false');\n```\n\nIf you are using these features, you can customize the generator API using\na filter like this:\n\n```php\n\u003c?php\nadd_filter('fuerte', function(\\Collegeman\\Fuerte\\Generator $generator) {\n  return $generator-\u003erandom()-\u003esize(12)-\u003esymbols()-\u003enumbers();\n  // ...but why would you want to make the passwords suck again?\n});\n```\n\n## Support\n\nIf you find a problem with Fuerte, please post an [issue](https://github.com/collegeman/fuerte/issues) on GitHub.\n\n## Credits\n\nThe inspiration for a cross-platform password generator with a consistent API\ncomes from the XKCD comic above as well as requirements from several of\nthe projects I'm working on at the moment. The image has been used without \nexplicit permission.\n\nThe features of the generator were inspired and constrained by the \nminimal design of the password generator built into [1Password](https://1password.com/).\nIf you don't use a password manager, I highly recommend you give\n1Password a try.\n\nThe word list used by Fuerte for generating memorable passwords belongs\nto the [EFF](https://www.eff.org/deeplinks/2016/07/new-wordlists-random-passphrases).\nIt was used without permission.\n\n\u003cspan\u003eThe photo of padlocks is by \u003ca href=\"https://unsplash.com/@dynamicwang?utm_source=unsplash\u0026amp;utm_medium=referral\u0026amp;utm_content=creditCopyText\"\u003eDynamicWang\u003c/a\u003e on \u003ca href=\"https://unsplash.com/s/photos/lock?utm_source=unsplash\u0026amp;utm_medium=referral\u0026amp;utm_content=creditCopyText\"\u003eUnsplash\u003c/a\u003e\u003c/span\u003e.\n\n## License\n\nCopyright 2020 Aaron Collegeman\n\nPermission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the \"Software\"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:\n\nThe above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcollegeman%2Ffuerte","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcollegeman%2Ffuerte","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcollegeman%2Ffuerte/lists"}