gwpgen.py is an entropy-driven, cryptographically sound password generator written in Python.
It generates strong random passwords using the operating system's cryptographically secure random number generator and calculates password length from a desired entropy target.
- cryptographically secure randomness (
os.urandom) - entropy-driven password length calculation
- no modulo bias (rejection sampling)
- Fisher–Yates shuffle for unbiased character ordering
- configurable character classes
- optional grouping for human-friendly passwords
- WiFi QR string output
- entropy presets for common security levels
- optional enforcement of character classes
- configurable safety limits
Clone the repository:
git clone https://github.com/georgwallisch/gwpgen.git
cd gwpgenRun directly:
$ ./gwpgen.pyOr install it somewhere in your $PATH.
Generate a strong password with 128 bits of entropy:
$ ./gwpgen.py --strong -a -mExample output: kF7!dP3$wQ9r#N8TzB6M
Generate a password of fixed length:
$ ./gwpgen.py -L 20 -a -mGenerate multiple passwords:
$ ./gwpgen.py --strong -a -m -N 5Group characters for better readability:
$ ./gwpgen.py --strong -a -m -g 4Example: vT8d-9Xk3-ZP4q-Lm2B
Pad the last group to full group size:
$ ./gwpgen.py --strong -a -m -g 4 -pYou must select at least one character class.
Option Description
-a, --alphanum Uppercase, lowercase and digits
-u, --upper Uppercase letters
-l, --lower Lowercase letters
-d, --digits Digits
-m, --symbols Symbols (optional custom set)
-x, --hex-lower Hexadecimal lowercase
-X, --hex-upper Hexadecimal uppercase$ ./gwpgen.py --strong -u -l -d -mPreset Entropy
--weak 50 bits
--good 70 bits
--strong 100 bits
--stronger 128 bits
--tough 192 bits
--paranoid 256 bits
--insane 512 bitsExample:
$ ./gwpgen.py --paranoid -a -mInstead of specifying a password length, you can specify a target entropy:
$ ./gwpgen.py -b 128 -a -mThe program will automatically calculate the required password length based on the size of the selected alphabet.
gwpgen can output passwords in WiFi QR format compatible with Android and many QR code generators.
Example:
$ ./gwpgen.py --strong -a -m -W MyNetworkOutput example: WIFI:T:WPA;S:MyNetwork;P:abcDEF123!;
Hidden network:
$ ./gwpgen.py --strong -a -m --wifi-hidden MyNetworkWrite passwords to a file:
$ ./gwpgen.py --strong -a -m -o passwords.txtWrite both to file and stdout:
$ ./gwpgen.py --strong -a -m -o passwords.txt --teeTo avoid accidental misuse, gwpgen enforces limits by default:
- entropy 1000 bits
- length 250 characters
- number of passwords 500
Disable limits:
$ ./gwpgen.py --no-limitsgwpgen was designed to avoid common pitfalls found in many password generators.
Security features include:
- operating system CSPRNG (os.urandom)
- rejection sampling to avoid modulo bias
- Fisher–Yates shuffle
- entropy-based password generation
- optional character class enforcement
- configurable alphabet
Generate five strong passwords grouped for readability:
$ ./gwpgen.py --strong -a -m -g 4 -N 5Example output:
T4p!-9Xm2-rQ6d-Lz7A 3Kq%-Lm9P-x2fD-aT8Z hV3#-F8kW-rP2q-M9bC 8Qw@-sF3T-vX9d-H4mL N7x!-q2pD-KM9f-Wz3R
Short options can be grouped together:
$ ./gwpgen.py --strong -vapg
Equivalent to:
$ ./gwpgen.py --strong -v -a -p -g
Generate a numeric password for embedded devices such as pay terminals using a dot as separator:
$ ./gwpgen.py -L 24 -dpg 4 -s "." -o mywifi.txt --teeExample output: 3109.4236.2589.1904.1843.7841
Generate a strong password for some login:
$ ./gwpgen.py --strong -apg 4Example output: r3s6-y9O6-xYRd-tylt-Z5lW
or stronger:
$ ./gwpgen.py --stronger -apg 4Shorthand method: Group size default 4 and -G combines -g and -p:
$ ./gwpgen.py --stronger -aGExample output: OLS5-9YKM-291c-vfv7-su5h-38Sx
or with symbols and not grouped:
$ ./gwpgen.py --stronger -amExample output: 7a&b+GoJy(SNV;RdlM53M
Copyright (c) 2026 Georg Wallisch
MIT License – see LICENSE