admin
1f05f9f866
Replace 64-char hex retrieval passwords with 5-word Hungarian passphrases (e.g. áldás-plazmid-palánta-süvítve-pócgém) for better UX in disaster recovery scenarios. Embed 29K+ word list via go:embed. API keys remain hex. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
47 lines
1.1 KiB
Go
47 lines
1.1 KiB
Go
package configgen
|
|
|
|
import (
|
|
"crypto/rand"
|
|
_ "embed"
|
|
"math/big"
|
|
"strings"
|
|
)
|
|
|
|
//go:embed hungarian.txt
|
|
var hungarianWords string
|
|
|
|
// wordList is populated from the embedded hungarian.txt at init time.
|
|
var wordList []string
|
|
|
|
func init() {
|
|
seen := make(map[string]struct{}, 30000)
|
|
for _, line := range strings.Split(hungarianWords, "\n") {
|
|
w := strings.TrimSpace(line)
|
|
if w == "" {
|
|
continue
|
|
}
|
|
if _, dup := seen[w]; dup {
|
|
continue
|
|
}
|
|
seen[w] = struct{}{}
|
|
wordList = append(wordList, w)
|
|
}
|
|
}
|
|
|
|
// RandomPassphrase generates a human-friendly passphrase from Hungarian words.
|
|
// Format: "szó-szó-szó-szó-szó" (words separated by dashes).
|
|
// With a ~29K word list, 4 words gives ~59 bits of entropy, 5 words ~74 bits.
|
|
// Easy to read, type, and dictate by Hungarian-speaking customers.
|
|
func RandomPassphrase(wordCount int) (string, error) {
|
|
words := make([]string, wordCount)
|
|
max := big.NewInt(int64(len(wordList)))
|
|
for i := range words {
|
|
idx, err := rand.Int(rand.Reader, max)
|
|
if err != nil {
|
|
return "", err
|
|
}
|
|
words[i] = wordList[idx.Int64()]
|
|
}
|
|
return strings.Join(words, "-"), nil
|
|
}
|