dinghy [1] filed a deletion request for correcthorse [2]: This software does use actual randomness. The correcthorse algorithm needs perfect randomness and non-reproducibility to create secure passwords (as does any password generator, in fact). But THIS IMPLEMENTATION HAS A FLAW: successive commands within about a second generate the same password. This implementation is therefore time-based and not making use of /dev/(u)random. Proof: the following is [ENTER]+[UP] as fast as possible. ~ correcthorse goneededpurposewhy ~ correcthorse unusualgovernmentgirlyesterday ~ correcthorse unusualgovernmentgirlyesterday ~ correcthorse unusualgovernmentgirlyesterday ~ correcthorse unusualgovernmentgirlyesterday ~ correcthorse unusualgovernmentgirlyesterday ~ correcthorse weakhispleasantthey ~ correcthorse weakhispleasantthey ~ correcthorse weakhispleasantthey ~ correcthorse weakhispleasantthey ~ correcthorse weakhispleasantthey ~ correcthorse johnnyparallelrecognizenumeral The AUR package pwgen-passphrase does the same and also originates from the correcthorse concept, but uses proper randomness. [1] https://aur.archlinux.org/account/dinghy/ [2] https://aur.archlinux.org/pkgbase/correcthorse/