I needed a gentle break from the 9-5 work and let myself enjoying work on something fun so I created https://emojipasswordgenerator.com/. I bought this domain about 3 years ago and never got around to building but I finally blocked out a few hours and gave it a go.
There is not a lot to it, it makes use of https://tabler.io/ and https://github.com/IonicaBizau/emoji-dictionary and the hardest part was figuring out how to use webpack to allow me to use the emoji-dictionary library.
Now that I've created it, it's time to go forth and attempt to break all my logins 😇
Hey Chris, this is really cool. And what's interesting to me is, I think this is probably more secure than a layperson would think.
It's kind of similar to the password generation strategy of picking random words instead of random letters. You have a more choices in emojis than in the English alphabet, so you get more variability.
It might be cool to do a bit of research into the entropy of your generated passwords and share that too.
DISCLAIMER: I'm not a cryptography expert, just a regular old web developer 😁
Thanks, I'm just a regular old web developer myself and cryptography isn't something I'm particularly clued up on.
In theory, I would have thought this would be more secure than just alphanumeric characters because there are more available characters but I guess attacks are done more using a list of exposed passwords rather than cycling through each of the available characters. An exposed password will be compromised even with emojis in it.
This was really just a bit of fun and it is not intended to be a serious password generator.
Fundamentally it's only as secure as the underlying PRNG. Everything else (in this case (available characters) is fluff.
You: my password is 💩💩💩
Website: strength: [============] (very strong)
First of all I want to say it's quite cool.
That said, without it being open source no one should use this. Additionally you should be using a tried and true (and audited) otherwise crypto library this is super insecure.
Thanks, I appreciate your comments. I will be looking to open source this but I'm more familiar with GitLab than GitHub (and I'd prefer to open source on GitHub) so I need a bit of time to figure out how to change my CI/CD pipeline over to GitHub.
I take your point about it being insecure (I've grabbed a 3rd party library off of npm and have not looked into what it's doing) but this was really just a bit of fun and it is not intended to be a serious password generator.
I love working on small, fun projects like this. Nice work.
Thanks, these ones always make the big, bloated projects easier to deal with.
This is a great idea!
Nice one!