Skip to content

Frequently Asked Questions

  1. Why passwords generated with AegisPass sometimes does not seem random?

    Well, true randomness is a hard thing to achieve and to measure. We are used to algorithms that tailor the output to our needs and to seeing patterns in the output. Sometimes you may see a pattern in the output of AegisPass, but that does not mean that the output is not random. AegisPass uses cryptographically secure random numbers along with the possibility of using random.org to generate random passwords, providing enhanced security for your applications and services to generate Randomness Mixing and achieve a high level of entropy.

  2. Why AegisPass uses random.org in normal mode?

    I'm trying to find a more reliable way to implement randomness mixing in AegisPass, but for now random.org seems like the best option. Even if someone has the numbers generated from random.org they can't predict your password, but if I only used crypto/rand, someone could predict your password if they had the numbers generated by the OS Entropy Pool, so this looks like a good trade-off for now.