It’s been a while since I released a new version of XKPasswd.pm, the open source Perl module that powers the secure memorable password generator at www.xkpasswd.net. The main reason for the big gap is that I needed to learn some new skills to get the code to where I wanted it to be. There were three main problems I wanted solved:

  1. To get wide adoption, the Module needs to be available via CPAN
  2. The module needs unicode support to deal with non-English languages
  3. It needs to be easy to edit and tweak a config with the www.xkpasswd.net web interface, and then use it in your scripts.

While solving those problems, I also took the opportunity to tidy up some other odds and ends in the code base. It’s not that code was broken, it just that a few parts of it had a bit of a fishy smell – it seemed like there was probably a better way to do that, and there was!

So, here’s a summary of what’s changed from the the point of view of a user of the Module:

  • The Packaging – the module has a new name, and is now packaged with Module::Build, so it’s easier to install, and ready for distribution via CPAN.
  • Unicode Support – if it’s a unicode character, you can use it while generating passwords.
  • Redesigned Word Sources – more bundled with the module, and easier to create your own.
  • Redesigned Sources of Randomness – more bundled with the module, a better default, and easier to create you own.
  • A switch to Named Arguments (in both the constructor and functional interface).

I’ve put a lot of time and effort into developing this entirely free and open source module. If you find it useful, please consider making a donation:

*Download Beta of Crypt::HSXKPasswd via GitHub*

Read more

Tagged with:

I spent of a bit of time tweaking my server backup script this week, and figured there was no reason not to share it with others. This is not the be-all-and-end-all of backup scripts, or the most flexible backup script in the world, it does what I need from a backup script, and nothing more or less! It might meet your needs, or, more likely, it might make a useful starting point for a script that meets your exact needs.

You’ll find the code and the documentation over on my GitHub account.

Tagged with:

At the request of listeners I’m going to be publishing a big list of links with future Let’s Talk Apple shows. The logical format for me to create those notes in is Markdown – it’s plain text, and quick and easy for me to add new items and re-arrange them into logical groupings. for the most part markdown has little to no overhead, but when it comes to links there is a little work. What I wanted was a way of automatically taking a URL, and turning it into a markdown link where the text for the link is the site the story is from with /… after it.

When all is done I want to turn a url like http://www.macobserver.com/tmo/article/every-important-link-from-apples-9-9-event-on-one-page into a link that looks like: www.macobserver.com/…. In other words, I need to take the URL above as input, and turn it into the following Markdown code:

My reason for choosing this format is that I want to give obvious credit to the sources of the stories, but not waste screen real-estate on long URLs.

Perl’s URI module can interpret URLs, and easily extract the host part of the URL, OS X Services can take selected text as input and replace it with processed output, Automator can create OS X Services, and Automator can execute Perl code. By putting all these pieces together I was able to solve my problem in just 20 minutes with a few clicks and a few lines of code.

You can just download the service with the link below, or you can read on to see how it’s done.

Download OS X Service …

Read more

Tagged with:

It’s going to take me a few months to re-write the www.xkpasswd.net site so it uses the new XKPasswd 2 perl module. In the mean-time, thanks to the magic of Automator an OSX Services, Mac users can integrate XKPasswd 2 right into their OS with out very much effort at all.

This blog post is intended as a follow-on post to my earlier XKPasswd 2 beginners guide. This post assumes you have followed the installation instructions in the beginner’s guide to install the XKPasswd 2 module, that you followed along with that post and created a script that generates passwords in a format of your choice, and that you have tested that script to be sure it works. In this post I’ll be using the final example script from the beginner’s guide as my pre-written script.

Read more

Tagged with:

I’ve just released version two of the XKPasswd perl module, the module that powers the www.xkpasswd.net website. At the moment, only the module has been updated, not the website. It’s going to take me a few months to make all the changes I want to on that site. In the mean time you, can use the module directly. The prerequisites are that you have a computer with Perl and GIT installed, and a plain text editor (no difficult on Linux or Mac).

Read more

Tagged with:

It’s hard to believe, but it’s been nearly three years since I released my first attempt at a Perl library for generating secure memorable passwords. The original spark of inspiration came when Steve Gibson released and talked about his Password Haystacks page at around the same time as the now famous correct horse battery staple XKCD comic was released. Take the idea of using words as the basis for passwords from XKCD, add computers to introduce real randomness (we humans are terrible at being random), and season with come well-chosen and intuitively placed symbols and digits to increase the size of your haystack, and voila, passwords are are both human-friendly and secure!

The first version of the library worked, as evidenced by it’s years of service powering www.xkpasswd.net. That’s not a bad start. But, it was a first attempt at solving the problem, and, I was still a Perl padawan back then. Some of my early design decisions resulted in a less than ideal API making the library a lot less developer-friendly than it could have been, and I’ve learned a lot about Perl, and Perl best practices since 2011!

I’ve spent the past half year or so re-implementing the same basic idea from scratch. In terms of functionality very little has changed, there are a few additions, but the big change is in the API. Basically, the old API was a mess – you needed one config hashref to instantiate the object, then a different config hashref to call the password generation function. Nonsense! That’s not intuitive, not obvious, and not efficient! The new API allows you to achieve the same result with less code, and the code you will have will be easier to read and understand.

You’ll find the project page for the new library at the link below – this page provides links for downloading the code, and links to the module’s very detailed documentation.

XKPasswd 2 Project Page (http://bartb.ie/xkpasswd)

Read more

Tagged with:

I’m betting most people won’t be interested in this, but if anyone’s curious how this programmer goes about building up a perl module from scratch, you can watch along on as I build XKPasswd 2.0 over on GITHub: github.com/bbusschots/xkpasswd.pm.

I’m re-implementing XKPasswd from scratch. The resulting functionality will be mostly the same, but with some additions. The reason for starting over is two-fold. Firstly, the first implementation of XKPasswd was very much a prototype, and as with any prototype, I learned some valuable lessons, and there are lots of things I’d do differently if I was doing it again. Secondly, the first version of XKPasswd is almost three years old now, and since then, my Perl skills have increased a lot. Probably the single biggest difference between the me of 2014 and the me of 2011 is that I read Perl Best Practices, and started to run all my Perl code through Perl Critic. Another big difference is that, thanks to JQuery, I’ve fallen in love with Code References in all the languages I use that support them, including Perl.

Since this is a re-write, I’m really focusing on building a solid foundation, so I’m starting with the utility functions that will let me build up functionality gradually, and I’m writing the user documentation in parallel with the code. Before every commit to GITHub, everything that’s done so far is getting documented with POD, and, the code has to pass Perl Critic with no warnings.

Tagged with:

I spent quite some time this afternoon finding a reliable way of converting Unix Time Stamps (UTS) to the ISO 8601 format used in SQL databases like MySQL and PostgreSQL that does not get confused by timezones. In the end the final result is, as is so often the case with Perl, very short and simple, but since the Googles failed to find the answer for me today, I thought it would be worth sharing in case it’s of use to others in the future.

[perl]
use DateTime;

# Function to convert Unix Time Stamp to ISO 8601 Date
# Arguments:
# 1) The Unix Time Stamp to convert
sub uts_to_iso8601{
my $uts = shift;
my $date = DateTime->from_epoch(epoch => $uts, time_zone => ‘UTC’);
return $date->ymd().q{ }.$date->hms().’z’;
}
[/perl]

The algorithm is very simple, use DateTime‘s from_epoch function to a DateTime object in the UTC timezone (AKA Zulu). Then assemble the output as YYYY-MM-DD HH:MM:SS, and append a z for Zulu. MySQL and PostgreSQL can now use the string to populate Date or Timestamp columns.

As an example, the Unix Time Stamp 1369410796 converts to 2013-05-24 15:53:16z.

Tagged with:

This is a minor bug-fix update for XKpasswd (my Perl random password generation module). It squashes two minor bugs which came to light while updating www.xkpasswd.net to use version 2 of the module.

  1. When the custom_separator option was left blank, no separator was used, rather than the expected random separator.
  2. When the custom_separator option was left blank or set to RANDOM, and the pad_char option to SEPARATOR, the results were un-expected, different random character was used for each, rather than the same random character.

For documentation and detailed release notes on version 2 of the module, see the release notes for version 2.0.

Download

Tagged with:

Automator + XKpasswdA few weeks ago on the Chit Chat Across the Pond segment of the Nosillacast, I mentioned that I had an OS X service set up to generate a random password using my XKpasswd Perl module and copy it to the clipboard. Listeners enquired as to how they would go about doing that, so as promised, here’s a quick tutorial.

Obviously this tutorial is for Mac OS X users only, because OS-wide Services and Automator are OS X features. The screenshots are taken on 10.8 Mountain Lion, but this same technique definitely also works on OSX 10.7 Lion, and probably even on 10.6 Snow Leopard. This tutorial also assumes that you have downloaded the XKpasswd module, and saved it somewhere on your computer, along with either the sample dictionary file included with the module or one of your own making, and that you know where on your computer those files have been saved. In other words, you need to have XKpasswd.pm and a text file with one word per line somewhere on your hard drive. In my sample code I’m going to assume you’ve installed the Perl module to the suggested location, /usr/local/xkpasswd/XKpasswd.pm, and that you have customised the sample dictionary a little (more secure that way), and saved it to /usr/local/xkpasswd/dict.txt.


Read more

Tagged with:

« go backkeep looking »