-
Notifications
You must be signed in to change notification settings - Fork 12
3. Advanced Configuration
WordSequencer configuration is XML based. The configuration is defined by different elements. The entire configuration is defined under the PasswordSequenceConfiguration root element. Have a look at the end of this document to see a sample.
- wordList: a list of words (space separated) from which the sequencer is going to randomly pick word from.
- characterList: a list of characters (space separated; a backslash can be used to escape a literal space or backslash) from which the sequencer is going to randomly pick character from. This is XML, so ', ", &, <, and > must be used in place of characters ', ", &, <, and >.
- Substitutions: a configuration representing possible character substitutions, from which the sequencer is going to replace the replace attribute with the with attribute.
- SubstituteAny: a substitution that represent substituting any character from the replace attribute.
- SubstituteWhole: a substitution that represent substituting the extact characters from the replace attribute.
Default values are elements defining the default words, default characters and default substitutions for the defined sequence. They are located directly under the PasswordSequenceConfiguration.
- DefaultWords: a wordList defining the default words for any non overrided word sequence item.
- DefaultCharacters: a characterList defining the default characters for any non overrided character sequence item.
- DefaultSubstitutions: a list of Substitutions to be apply depending on the substitution percentage of each sequence item.
Sequencing is defined within the Sequence element, under the PasswordSequenceConfiguration. Sequencing may contain word or characters.
- Word: represents one randomly selected word from wether the DefaultWords or the Words defined within itself. Word have the following possible attributes:
-
probability: defines the probability that the word will be inserted.
Note: This option decreases the strength of your password! The number of possible passwords that must be tried is not increased enough by omitting a word to make up for just always having that word, unless your word list is very small. In the UI, this option is hidden behind "advanced mode" but the entry for it in the XML is always generated.
Values can be always|never|0-100. Most of the word should be setup as always, but if you want to have one extra word that only shows up half the generated passwords, you could specify 50.
-
capitalize: defines if the word will be generated with proper (every first letter) capitalization, or between a 0 and 100 percent for each letter to be capitalized.
-
substitution: a percentage of changes that DefaultSubstitutions or Substitutions defined within itself applies.
-
Words: A specific word list for this sequence item. If none are specified, DefaultWords will be used
- override: defines wether this word list replaces the DefaultWords for this sequence (true), or if specified words are added to the default word list to select a random word from (false), for this sequence item only.
-
Substitutions: contains a list of new substutions, applicable for this sequence item only.
- override: defines wether this substitution list replaces the DefaultSubstitutions for this sequence (true), or if substitutions are added to possible subsitutions (false), this this sequence item only.
-
- Characters: represents one or more randomly selected characters.
-
probability: defines the probability that those characters will be inserted. Values can be always|never|0-100.
Note: This option decreases the strength of your password! The number of possible passwords that must be tried is not increased enough by omitting a character item to make up for just always having that character, unless the permitted character list is very small. In the UI, this option is hidden behind "advanced mode" but the entry for it in the XML is always generated.
-
length: defines the maximum number of characters that can be inserted with this sequence item.
-
lengthStrength: defines whether the length has to be fully respected (full) or how much of a chance (0-100) the total number of characters will reach length.
Note: This option decreases the strength of your password! The number of possible passwords that must be tried is not increased enough by omitting a character item to make up for just always having that character, unless the permitted character list is very small. In the UI, this option is hidden behind "advanced mode" but the entry for it in the XML is always generated.
-
allowDuplicate: defines (if length > 1) if selected characters should be unique, or are they allow to be repeated.
-
Characters: a character list specific for this sequence item
- override: defines whether this character list replaces the DefaultCharacters for this sequence (true), or if specified characters are added to the character list to select a random one from (false), for this sequence item only.
-
<?xml version="1.0" encoding="utf-8" ?>
<PasswordSequenceConfiguration xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://quasivirtuel.com/PasswordSequenceConfiguration.xsd">
<DefaultWords>
Use Your Own Words Hand
</DefaultWords>
<DefaultCharacters>
1 2 3 4 5 6 7 8 9 0 ! " / $ % ? * ( ) _ + | #
</DefaultCharacters>
<DefaultSubstitutions>
<SubstituteWhole replace="here" with="H8"/>
<SubstituteAny replace="aA" with="4"/>
</DefaultSubstitutions>
<Sequence>
<Word capitalize="never" >
<Substitutions override="true">
<SubstituteAny replace="o" with="c" />
</Substitutions>
</Word>
<Word probability="10" />
<Word substitution="never" />
<Characters>
<Characters>
{ } [ ] < > _ - = +
</Characters>
</Characters>
</Sequence>
</PasswordSequenceConfiguration>You can also have a look at the XSD schema (link to be included at first master release)