OMG. Apparently tons of people have been generating secrets on an old server-side key generation website that had incredibly weak entropy. Like, 10 bits or something.

The website was allkeysgenerator[.]com. Here is a dump of 1000 keys generated on it. Searching for the URL finds hundreds of people recommending it for key generation.

Some of these snippets have hundreds of GitHub results.

The exact algorithm is unknown, but (see below) it generates extremely predictable strings; you can visually see how the delta from character to character is almost constant. Thanks @dramforever for doing some analysis here. Their script here can generate the vast majority of sequences from this website.

Update: This script generates the entire list from a single seed, and large chunks of another.

I'm certain you can break into production websites using these keys for cookie signing etc.

OK, I have a generator. It's a float-based algorithm, so there's rounding error issues, but this script works for the above 1000-key dump, and for a contiguous chunk of another pastebin I found with longer keys.

https://gist.github.com/hoshinolina/7630ca303bcd649b8222e9abd8920caf

@dramforever

@lina @dramforever I usually try not to like, blame people and shit
Lots of issues stem from a lot of moving parts etc
but
like
if someone used that in production, I kinda feel they shouldn't be, uh, deploying anything to production like at all
@lina sounds like nsa psyop or whatev. not the 1st time someone deploys broken cryptosystem on purpose
@kouett @lina honestly, it's too bad for that. I can whip you up a way of generating "keys" that would be impossible to cryptanalyse, just the fact that you used my server to generate them is enough. Why let your adversaries exploit the same weaknesses you are exploiting when you don't have to? This smells of incompetence, not intent.
@lina @dramforever Is this why it seems like everything is being compromised left, right, and centre?

@lina @dramforever WAHT

really. WHAT!?????

@lina @dramforever well that's shaken me up.
Very well done, both of you. ❤️

@lina @dramforever Eeeeek.

(Deleted reference to DDG's implementation of pwgen)

@linuxandyarn @dramforever

...what. Why would you trust duckduckgo with server-side password generation?!

@lina @dramforever Maybe I'm not sure why you're putting server-side in bold. I'm talking about creating unique passwords for random sites, and I expect DDG to have more entropy than the one you mentioned.

Generating locally with `pwgen -sy` is best, but if someone does need an online generator, then yes, I'd trust DDG more than most.

@linuxandyarn @lina @dramforever The more people a secret is shared with, the less secret it is.

A DDG based password generator is at least shared with DDG.

It's also done via some kind of plugin system they have? It says:

This Instant Answer was made by the DuckDuckHack Community.
Developer: cinlloc
Developer: mintsoft

But this DuckDuckHack program was shut down nearly a decade ago.

Was this particular plugin system developed for secure generation? Or are they logging every one of the "answers" produced by it somewhere? What happens if those logs are compromised, or law enforcement does an overly broad request for information that pulls all of these logs?

And since this whole DuckDuckHack instant answers submission system seems to have shut down, there aren't any docs available online for it any more, you have to dig through the internet archives to even find docs on how it worked. Is any of this even maintained?

@linuxandyarn @unlambda @dramforever More importantly, there are a zillion password generator websites that generate the password *locally* in JS, which makes them infinitely more trustable than what DDG is doing.

I would go as far as saying that DDG feature is appalling, and should not exist as implemented. It makes me want to stop using it as my default search engine. No responsible website should ever even attempt to implement a password generator like that. That's exactly what brought us to the mess I mentioned in OP.

@linuxandyarn @unlambda @dramforever Without doing a full audit, the top 5 results on DDG for "password generator" look local, judging by latency (checking on phone, too lazy to pull up DevTools on a PC and check properly).

It really is irresponsible to implement a password generator site in any other way.

@lina @linuxandyarn @dramforever I think I found the source for the DDG password generator here: https://github.com/duckduckgo/zeroclickinfo-goodies/blob/master/lib/DDG/Goodie/Password.pm

Most of these instant answers on DDG seem to be contributed via this (now shut down) open source program.

The password generation itself is... OK. It uses the slightly biased modulo for randomly picking characters, but I checked and so does `pwgen`; for generating passwords where you're not trying to optimize for things like readability/easiness to type and not strictly controlling the entropy, that's not terrible. It does use urandom for its entropy source which is likely the best option.

But yeah, just doing this server side is a terrible idea. It could be logged, it could be cached. It doesn't appear that it's cached, it gives me a new one every time, but who's to say they won't at some point say "these instant answers are taking up too much CPU, let's add a cache in front of them" and then a bunch of people get the same password.
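The modulo bias mentioned in the post above, quantified, next to the rejection-sampling fix and local generation from the OS CSPRNG. This is an added example, not code from Password.pm, pwgen or anyone in this thread; the 94-character alphabet and the one-byte draw per character are assumptions made for illustration.

```python
import math
import secrets
from collections import Counter
from fractions import Fraction

# Constructed alphabet: printable ASCII without space (94 symbols).
# Assumption for this example, not the character set of any real tool.
ALPHABET = "".join(chr(c) for c in range(33, 127))

def modulo_distribution(n, draw_space=256):
    """Exact probability of each index when a uniform draw in
    [0, draw_space) is reduced with `% n` (the biased method)."""
    counts = Counter(v % n for v in range(draw_space))
    return [Fraction(counts[i], draw_space) for i in range(n)]

def entropy_bits(dist):
    """Shannon entropy per character, in bits."""
    return -sum(float(p) * math.log2(float(p)) for p in dist if p)

def min_entropy_bits(dist):
    """Worst-case entropy per character: -log2 of the likeliest symbol."""
    return -math.log2(float(max(dist)))

def unbiased_index(n, randbyte=lambda: secrets.randbits(8)):
    """Rejection sampling: throw away draws at or above the largest
    multiple of n that fits in one byte, so every index is equally likely."""
    limit = 256 - (256 % n)
    while True:
        v = randbyte()
        if v < limit:
            return v % n

def generate(length=24, alphabet=ALPHABET):
    """Generate a secret locally from the OS CSPRNG, without modulo bias."""
    return "".join(alphabet[unbiased_index(len(alphabet))] for _ in range(length))

if __name__ == "__main__":
    dist = modulo_distribution(len(ALPHABET))
    print("most likely symbol :", max(dist), " least likely:", min(dist))
    print("uniform bits/char  : %.4f" % math.log2(len(ALPHABET)))
    print("modulo, Shannon    : %.4f" % entropy_bits(dist))
    print("modulo, min-entropy: %.4f" % min_entropy_bits(dist))
    print("local secret       :", generate())
```

With these assumptions the first 68 symbols are 1.5 times as likely as the last 26, which costs a fraction of a bit per character: a small loss next to a generator whose whole output follows from a low-entropy seed.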

@lina @linuxandyarn @unlambda @dramforever ironically enough it's probably generated on some Azure server or whatever
@lina @dramforever a web search for "ssh key generator" or similar produces a lot of results like this, it's very funny

@lina @dramforever

Why do people not just generate keys on their own computers??? 😵‍💫

@lina @dramforever ... how did these people miss the most critical part of "not your keys, not your secrets" ??? isn't that like, cryptography 101
@lina @dramforever why would anyone generate keys with a website when one can use pwgen or any other similar tool?
@lina Well I just use openssl or the generator in bitwarden.
@lina @dramforever Who built and operates this bad website?
(This reminds me a bit too much of Debian’s bad PRNG story, which involved a three letter agency?)

@lina @dramforever

I mean.... Even something like this is better than trusting some random website to generate your secrets.....

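```bash
# Print a random string (default length 16) read from /dev/urandom.
function genRandomString()
{
    local LEN="${1:-16}"
    # LC_ALL=C: have tr treat /dev/urandom as raw bytes rather than multibyte text.
    LC_ALL=C tr -dc "a-zA-Z0-9!@#$%^&*()_+?><~\`;'" < /dev/urandom | head -c "$LEN"
    echo ''
}
```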

@lina @dramforever why does it feel like people, even those supposed to be tech savvy, just don't care about what they are doing and how the things they do are supposed to work? it's extremely stupid for secret generation, but even for stuff like “how do i convert X to Y” i tend to get search results for webpages that do that for me (serving me ads and possibly some malware), instead of the one-liner that is actually doing the same thing…

like, i guess understanding the sheer complexity of computers is not easy, especially when self-taught (i started like 15 years ago, have some formal education in IT and still have stuff i don't understand properly). but not understanding who a secret is shared with and why it shouldn't is possibly a next level…