Passphrase Generator
Memorable random words instead of random characters. Pick how many words, optional separator, optional capitalisation. The generator rejects biased random bytes so every word is equally likely — your entropy is exactly what the bar shows.
When passphrases beat random passwords
- Master passwords for password managers. You type these every day; memorability matters.
- Laptop / desktop login. Same — you type it twenty times a day.
- Encryption / disk-unlock passwords. If you forget it, your data is gone — memorability is part of the security model.
- Wi-Fi passwords you share verbally. A passphrase like "cyber bonsai anchor cinder" is repeatable; "kP3@x9Vz!Q7m" is not.
- Anything you'll type on a phone keyboard. Symbol keys are slow; words are fast.
The entropy math
Each word in this generator is drawn uniformly at random from a 256-word list. log₂(256) = 8 bits of entropy per word, regardless of word length. So:
- 4 words ≈ 32 bits — adequate against opportunistic attacks (≈ 4 billion possibilities)
- 5 words ≈ 40 bits — recommended baseline (≈ 1 trillion)
- 6 words ≈ 48 bits — comfortable for high-stakes (≈ 280 trillion)
- 7 words ≈ 56 bits — overkill for memorability use cases
Real EFF diceware (7,776 words) gives 12.92 bits/word, so 4 diceware words ≈ 51.7 bits. To match that with this 256-word list, use 6 or 7 words. The tradeoff is wordlist size — embedding 7,776 words would bloat the page significantly; 256 words is enough for nearly all practical passphrase uses.
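The uniform selection and the entropy figures above, as an added example (not this generator's own source code). It goes slightly beyond the 256-word case by using rejection sampling that stays unbiased for any list size, such as 7,776 words or the 100 values of a two-digit suffix. The word list, the function names, and joining the digits with the separator are assumptions made for illustration.

```javascript
// Added example. WORDS is a constructed sample list, not the generator's real 256-word list.
const webCrypto = globalThis.crypto ?? require("node:crypto").webcrypto;
const WORDS = ["cyber", "bonsai", "anchor", "cinder", "emerald", "harbor", "lantern", "meadow"];

// Default source: one uniformly random 16-bit value from the CSPRNG.
function cryptoU16() {
  return webCrypto.getRandomValues(new Uint16Array(1))[0];
}

// Uniform integer in [0, n) by rejection sampling. A plain `value % n` is biased
// whenever 65536 is not a multiple of n, so values at or above the largest
// multiple of n are discarded and redrawn.
function uniformIndex(n, nextU16 = cryptoU16) {
  if (!Number.isInteger(n) || n < 1 || n > 65536) throw new RangeError("n must be 1..65536");
  const limit = Math.floor(65536 / n) * n;
  let v;
  do { v = nextU16(); } while (v >= limit);
  return v % n;
}

// Bits of entropy for `count` words drawn uniformly from a list of `listSize`,
// plus log2(100) when two random digits are appended.
function entropyBits(count, listSize, appendDigits = false) {
  return count * Math.log2(listSize) + (appendDigits ? Math.log2(100) : 0);
}

// Assumption: the digits are appended as one more separator-joined token.
function generatePassphrase({ count = 5, separator = "-", appendDigits = false, words = WORDS } = {}) {
  const picked = Array.from({ length: count }, () => words[uniformIndex(words.length)]);
  if (appendDigits) picked.push(String(uniformIndex(100)).padStart(2, "0"));
  return { phrase: picked.join(separator), bits: entropyBits(count, words.length, appendDigits) };
}

console.log(generatePassphrase({ count: 5, appendDigits: true }));
console.log(entropyBits(5, 256).toFixed(1), entropyBits(4, 7776).toFixed(1));
```

With the constructed 8-word list each word carries only 3 bits, so the reported `bits` value is far lower than with a 256-word list; pass a full list via `words` to get the figures quoted above.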
Tips for memorising
- Build a story. "The cyber bonsai used an anchor in cinder dust." Easier than memorising five disconnected words.
- Capitalise inconsistently. "cyber-Bonsai-anchor-CINDER-emerald" — same entropy (capitalisation doesn't add bits if it's predictable), but visual variety helps recall.
- Type it 30 times the day you generate it. Muscle memory in your fingers becomes the recall, not active recollection.
- Don't write it down "just in case." If you need a fallback, store it encrypted with a different (memorised) passphrase. The 12.5K-bit phrase you wrote on a Post-it is now a 0-bit phrase.
Related
- Random character passwords — for anything in a password manager.
- Password strength checker — paste any password and see its entropy + crack-time estimate.
- How long should a password be? — full math + threat-model guide.
- Hash function selection — for the server-side question (argon2id / bcrypt for storage).
FAQ
Why a passphrase instead of a random password?
Passphrases are made for things you have to type. "cyber-bonsai-anchor-cinder-emerald" you can read off your phone and type into your laptop in seconds; "kP3@x9Vz!Q7m" takes minutes and you'll mistype it twice. For passwords that live in a password manager, random characters win on entropy per length. For anything you actually type, passphrases win on usability per security.
How many words should I use?
4 words ≈ 32 bits (defeats casual attacks). 5 words ≈ 40 bits (recommended for most uses). 6 words ≈ 48 bits (high security). 7+ words is overkill for the threat model that passphrases address; if you need >50 bits, generate a random character password instead.
Is this real diceware?
It's the same idea but with a smaller curated wordlist (256 short, distinctive English words). Real EFF diceware uses 7,776 words for 12.92 bits per word — but the 50KB wordlist would bloat the page, and the difference (8 bits/word here vs 12.92 bits/word) just means you use 5 words here where you'd use 4 in diceware. Same security floor, different word source. EFF's official diceware lists are linked for users who want maximum entropy per word.
Can I add digits to make it stronger?
Yes — toggle 'Append 2 digits.' That adds about 6.6 bits (log₂(100)) to the passphrase entropy. More importantly, it satisfies the dumber password-policy filters that demand a digit somewhere. Real security comes from word count, not from the digits.
What separator should I use?
Whatever you'll consistently type and won't get auto-corrected. Dashes are the most universal. Spaces only if the system accepts them in a password (most do; some legacy ones don't). Underscores work everywhere but require shift on some layouts.