{"id":17166725,"url":"https://github.com/willf/password_entropy","last_synced_at":"2025-03-24T18:15:44.733Z","repository":{"id":66569812,"uuid":"72596061","full_name":"willf/password_entropy","owner":"willf","description":"Really, a character N-gram entropy modeller","archived":false,"fork":false,"pushed_at":"2016-11-02T02:38:58.000Z","size":703,"stargazers_count":0,"open_issues_count":0,"forks_count":2,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-03-24T12:52:25.824Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/willf.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2016-11-02T02:24:22.000Z","updated_at":"2018-08-29T20:55:54.000Z","dependencies_parsed_at":null,"dependency_job_id":"9a3abbee-02c4-4e44-b3cc-7db8fd020932","html_url":"https://github.com/willf/password_entropy","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/willf%2Fpassword_entropy","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/willf%2Fpassword_entropy/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/willf%2Fpassword_entropy/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/willf%2Fpassword_entropy/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/willf","download_url":"https://codeload.github.com/willf/password_entropy/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":245325221,"owners_count":20596818,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-10-14T23:06:29.856Z","updated_at":"2025-03-24T18:15:44.727Z","avatar_url":"https://github.com/willf.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Password Entropy\n\nReally, a character N-gram entropy modeller\n\nIt has been noted that (good) passwords have high entropy,\nand we should be able to use that fact to find (good) passwords in code (where they shoudn't be).\n\nTo train:\n\n-  Get some (source) code to train on, and train on it.\n\nThe following trains on the 1.7.3 Go distribution code, after removing some crypto files, as well as test files.\n\nThe resulting model can be found in the `data` directory.\n\n```bash\nfind /usr/local/Cellar/go/1.7.3/libexec/src/ | grep \"\\.go\" | grep -v \"crypto\" | grep -v \"_test\" | xargs cat \u003e /tmp/go_text\nbin/password_entropy -train -in /tmp/go_text -model data/go-3.tsv -ngram_size 3\n```\n\nTo predict:\n\n- Use the model to predict on some source code, for example,\nthe source for this program, which has some high-entropy\npasswords in it.\n\n```bash\ncat src/password_entropy/password_entropy.go|  bin/password_entropy -predict -model data/go-3.tsv  | sort -g | head\n-16.285189\t-960.826143\t59\t magic_password := \"PXKXoyThngGrjCgBLuf2ivrpFFNKA9UgBHrxpLaW\"\n-15.055465\t-286.053838\t19\t log_prob_total += lp\n-15.024271\t-405.655320\t27\t stupid_password := \"letmein\"\n-14.990013\t-1019.320886\t68\t fmt.Sscanf(scanner.Text(), \"%v\\t%s\\t%f\", \u0026ngram_size, \u0026ngram, \u0026count)\n-14.989606\t-44.968818\t3\t \"os\"\n-14.885426\t-401.906513\t27\t lp, _ := models.LogProb(key)\n-14.643432\t-673.597876\t46\t logProb = math.Log2(1.0) - math.Log2(lastTotal)\n-14.577021\t-335.271482\t23\ttype byEntropyDesc []line\n-14.487198\t-101.410389\t7\t if !ok {\n-14.487198\t-101.410389\t7\t if !ok {\n```\n\nColumns are, for each line: average log probability (take negative for entropy), total\nlog probability, number of ngrams, and the line.\n\nThe `Sccanf` line reminds me that format strings always look line line noise, and now we have the science to prove it!\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwillf%2Fpassword_entropy","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fwillf%2Fpassword_entropy","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwillf%2Fpassword_entropy/lists"}