Skip to content

Instantly share code, notes, and snippets.

View atoponce's full-sized avatar
Crypto coffee

Aaron Toponce atoponce

Crypto coffee
116 followers · 16 following
View GitHub Profile
@atoponce
atoponce / random.js
Last active March 11, 2018 01:32
Uniform random number generators
// Citation: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Math/random
/*
* Getting a random number from [0, max)
*/
// DO THIS (unbiased)
function getRandomInt(max) {
var low = (-max >>> 0) % max;
do { var n = Math.random() * 0x100000000 >>> 0; } while(n < low);
@atoponce
atoponce / jp_hiragana.txt
Created August 16, 2017 10:42
Japanese Diceware
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
# This word list has included material from the JMdict (EDICT, etc.)
# dictionary files in accordance with the licence provisions of the
# Electronic Dictionaries Research Group, and is covered under their
# Creative Commons Attribution-ShareAlike Licence.
#
# http://www.edrdg.org/edrdg/licence.html
#
@atoponce
atoponce / top500_results_table.md
Created December 16, 2016 17:13
A table showing top top 500 of 10-million most commonly passwords from Mark Burnett, and tested with different strength testers, with their scores and suggestions.

Top-500 Commonly Used Passwords

This table shows passwords which come from Mark Burnett's 10 million password dump, picking only the top 500. Each password is checked against our strength testers.

See the public Gist of atoponce/password_strength.md about a description of each generator and the strength tester.

| Password | Source | Pwqcheck | Cracklib-check | Pwscore | Zxcvbn |

@atoponce
atoponce / random_results_table.md
Last active December 22, 2017 21:33
A table showing 200 randomly generated passwords of different strengths and complexities from different generators, and tested with different strength testers, with their scores and suggestions.

Randomly Generated Passwords

This table shows passwords generated from a number of different generetors of different strengths,and their results using different strength testing checkers.

See the public Gist of atoponce/password_strength.md about a description of each generator and the strength tester.

| Password | Source | Pwqcheck | Cracklib-check | Pwscore | Zxcvbn |

@atoponce
atoponce / password_strength.md
Last active July 11, 2019 04:20
A document evaluating different open source password generators and password strength testers. See the other Gists at the end of the document for the password results.

Open Source Password Generator / Strength Meter Testing

This is a collection of password generators and strength meter testing. Each generator produces a different array of passwords, of which are then tested against each of the strength meters. The defaults are used where possible, otherwise sane options are provided.

The Results

The following results are tables showing the generators, passwords, and strength testers described below.

  1. Randomly generaterd passwords: atoponce/random_results_table.md
@atoponce
atoponce / README.md
Last active November 30, 2024 09:21
Security settings for WeeChat

Strongly Recommended

Disable DCC

/plugin unload xfer
/set weechat.plugin.autoload *,!xfer

Disable CTCP

/set irc.ctcp.action ""
/set irc.ctcp.clientinfo ""
/set irc.ctcp.finger ""

/set irc.ctcp.ping ""

@atoponce
atoponce / ciphers.md
Last active August 1, 2017 13:09
A list of the starting tweets for each #CipherMysteries cipher thread
@atoponce
atoponce / gen_pass.sh
Last active September 6, 2016 15:18
Password generation in POSIX sh
shuff() {
if [ $(command -v shuf) ]; then
shuf -n "$1"
elif [ $(command -v shuffle) ]; then
shuffle -f /dev/stdin -p "$1"
else
awk 'BEGIN{
"od -tu4 -N4 -A n /dev/urandom" | getline
srand(0+$0)
}
@atoponce
atoponce / README.md
Last active November 30, 2017 17:20
Syntax for setting up Vim as a secure password manager, with syntax highlighting and shoulder surfing security.

Introduction

This allows you to use Vim as a secure password manager. It was inspired and mostly lifted from http://pig-monkey.com/2013/04/password-management-vim-gnupg/. It differs in that a specification is now defined, and a syntax highlighting file is provided to highlight keywords and hide passwords. Additionally, this Gist uses *.pw file extensions to trigger the syntax highlighting, in addition to some custom GPG config.

GnuPG.vim

Save in ~/.vim/plugin/gnupg.vim. Grab from https://github.com/jamessan/vim-gnupg.

Vimrc

Save in ~/.vimrc:

if has("autocmd")

@atoponce
atoponce / README.md
Last active July 30, 2019 11:00
Technical Documentation Standards

Documentation Standards

When creating documentation for your project, you should take advantage of some standards defined by the IETF for metasyntactic variables, domain names and IP addresses. Then, if people automatically copy and paste your examples, nothing harmful can (SHOULD!) happen.

Metasyntactic Variables

RFC 3092 was created on April 1 as a joke (as most RFCs created on that day are). However, there is sane logic to using standardized variables in code examples when documenting an open source project, or providing examples of how or how not to do some concept.

The variables are listed as follows:

  • foo
  • bar