xotl.tools.crypto - Other cryptographic services

General security tools.

Adds the ability to generate new passwords using a source pass-phrase and a secury strong level.

xotl.tools.crypto.generate_password(pass_phrase, level=3)[source]

Generate a password from a source pass-phrase and a security level.

  • pass_phrase – String pass-phrase to be used as base of password generation process.
  • level – Numerical security level (the bigger the more secure, but don’t exaggerate!).

When pass_phrase is a valid string, level means a generation method. Each level implies all other with an inferior numerical value.

There are several definitions with numerical values for level (0-4):


Generate the same pass-phrase, just removing invalid characters and converting the result to lower-case.


Replace some characters with new values: 'e'->'3', 'i'->'1', 'o'->'0', 's'->'5'.


Consonants characters before ‘M’ (included) are converted to upper-case, all other are kept lower-case.


Adds a suffix with the year of current date (“<YYYY>”).


Randomly scramble previous result until unbreakable strong password is obtained.

If pass_phrase is None or an empty string, generate a “secure salt” (a password not based in a source pass-phrase). A “secure salt” is generated by scrambling the concatenation of a random phrases from the alphanumeric vocabulary.

Returned password size is 4*level except when a pass-phrase is given for level <= 4 where depend on the count of valid characters of pass-phrase argument, although minimum required is warranted. When pass-phrase is None for level zero or negative, size 4 is assumed. First four levels are considered weak.

Maximum size is defined in the MAX_PASSWORD_SIZE constant.

Default level is PASS_PHRASE_LEVEL_MAPPED_DATED when using a pass-phrase.

xotl.tools.crypto.PASS_PHRASE_LEVEL_BASIC = 0

The most basic level (less ) for the password generation.

xotl.tools.crypto.PASS_PHRASE_LEVEL_MAPPED = 1

A level for simply mapping of several chars.

xotl.tools.crypto.PASS_PHRASE_LEVEL_MAPPED_MIXED = 2

Another “stronger” mapping level.

xotl.tools.crypto.PASS_PHRASE_LEVEL_MAPPED_DATED = 3

Appends the year after mapping.

xotl.tools.crypto.PASS_PHRASE_LEVEL_STRICT = 4

Totally scramble the result, making very hard to predict the result.

xotl.tools.crypto.DEFAULT_PASS_PHRASE_LEVEL = 3

The default level for generate_password()

xotl.tools.crypto.MAX_PASSWORD_SIZE = 512

An upper limit for generated password length.