Diceware Passphrase to Keychain and Clipboard 1.1

Function: Using the Diceware method for strong passphrase generation, this workflow generates a 10 word passphrase from the Diceware word list. The passphrase is inserted into your Keychain and copied to the clipboard.
Author: Garry Myers

Update 1.1

1. Added CocoaDialog dialog for user to enter account name associated with the password; the dialog includes a default answer of your OSX short username. The selected account name is entered into the Keychain with the password.

2. Replaced the Applescript dialog notification for successful pasword generation with a Growl notification to reduce user interaction with windows.

Requires: CocoaDialog installed in /Applications and the Growl Automator action.

Notes: For those who use OpenPGP, Hushmail and other similar encryption tools, a strong passphrase is critical for security. The Diceware method is a very secure way of generating such passphrases with high entropy. The default passphrase in this workflow is 10 words, which gives a passphrase that matches the 128 bit security of Hushmail and OpenPGP.

The über-paranoid will not want to use this workflow as it is based on the Perl implementation of rand() – thus the selection of words from the word list is not totally random. Also, the copy to the clipboard step is for convenience and is not a secure way of handling passphrases – folks may want to delete the line:

echo $pwd |
pbcopy

from the Run Shell Script action in Step 2 if this is an issue [1].

However, for most real world purposes, this workflow is more than adequate and has the advantage of directly inserting the passphrase into your Keychain, rather than writing it down anywhere.

[1] If you edit this in Automator, ensure that in Step 1, the shell is set to /usr/bin/perl…there is a bug in Automator that causes the Run Shell Script action to default to /bin/bash when re-opening the workflow regardless of what was set at last save.