How It Works
There is no magic snake oil here, its a simple substitution cipher. Here is how the algorithm works:
- An MD5 hash of the chart selection phrase is performed and the first 4 bytes of the hash is used
as a random number seed to a Mersenne Twister pseudo-random number generator.
- The password chart is then filled using sequences of 1 to 3 random upper and lower case letters and
optionally numbers and punctuation by grabbing successive numbers generated from the Twister.
The reason for the random sequence length is to make reversing the substitution cipher a bit harder.
- The alphanumeric characters in the password is then converted using the chart.
I offer no proof that the method of generating the chart is "secure". It is really just meant as a
simple and fun substitution cipher that will help people maintain a little more secure set of passwords.