I’ve released today the new version of spass
, a tool that creates cryptographically strong passwords and passphrases by generating random bits from your sound card.
In the user facing side, spass
can now create passphrases as long as passwords. The words for the passphrases are chosen out of a list of 8192 words which means each word adds 13 bits of entropy to the passphrase.
spass
can now use one of three audio backends (the old version could only use OSS):
- Advanced Linux Sound Architecture (ALSA)
- Open Sound System (OSS)
- PortAudio
The PortAudio support will hopefully make it easy to port spass
to other platforms as well (such as Windows). The random number generator got overhauled and now there is an unbiasing step before applying the hash function. This should help getting consistent results in terms of entropy. In the backstage I’ve migrated the project from autotools to cmake
.
You can find more information, as well as both source and binary packages in https://github.com/guyru/spass.
This is really cool. Is there any chance you releasing the software under a more free license such as BSD/MIT or apache?
Why release it under a different license?
I truly believe that if someone wants to distribute work based on this code, he should distribute the code under the same terms I did.
I just prefer free software to restricted software even if it is open source. GPLv3 software can’t be used by a lot of projects or companies. GPLv2 is a little bit better but isn’t the best.