📝 Passphrase Generator

Last updated: January 15, 2026

Diceware-style memorable passphrases — cryptographically random, browser-only.

How to Create Strong Passphrases Using the Diceware Method (And Why You Should)

Most people pick passwords the wrong way. They take a word they already know — the name of a pet, a favourite city, a sports team — and dress it up with a number and an exclamation mark. The result feels personal and therefore feels secure. It is not. Attackers have had dictionary files containing millions of these "personalised" patterns for years. The real answer is not a complicated string of gibberish you will forget by tomorrow morning. It is a passphrase.

Passphrases are sequences of ordinary words strung together at random. The phrase coral-frozen-brisk-manor-tulip looks almost poetic, but an attacker cannot guess it by knowing your birthday or your dog's name. Its strength comes entirely from randomness — not from obscurity. This tutorial walks you through how our Passphrase Generator works, what the numbers mean, and how to actually use the passphrases it creates.

Step 1: Understand Why Words Beat Random Characters

Security researchers often cite NIST Special Publication 800-63B, which shifted guidance away from forcing users to create complex character-soup passwords. The reason is mathematical. A password like Tr0ub4dor&3 has roughly 28 bits of entropy because humans are predictable — they capitalise the first letter, substitute "0" for "o" and "3" for "e", and add a symbol at the end. Attackers know all of these tricks.

A four-word passphrase drawn randomly from a 500-word list has roughly 45 bits of entropy, and a five-word passphrase from the same list has about 56 bits. Once you scale the word list to 500+ words, which is what our generator uses, six words deliver around 75 bits — enough to defeat all known offline attacks at practical computing speeds. And you can actually memorise it.

Step 2: Set Your Word Count

Open the generator and look at the word-count slider. It runs from 3 to 10. The generator shows you the estimated entropy in bits as you slide it.

  • 3 words: Around 27 bits — fine for low-stakes throwaway accounts, not for anything you care about.
  • 4–5 words: 36–56 bits — solid for most everyday logins where you also have two-factor authentication enabled.
  • 6–7 words: 67–78 bits — the sweet spot. Memorable, safe against offline attacks, acceptable for email and banking.
  • 8+ words: Beyond 89 bits — use this for your master password manager passphrase, your full-disk encryption key, or anything that protects many other secrets.

The key insight: every additional word multiplies the search space by the size of the word list. That multiplication is the source of the security. Adding one more word is far more effective than adding a capital letter or a number.

Step 3: Choose a Separator That Suits You

Separators exist because many systems require at least one non-alphabetic character, and because they visually break the phrase into chunks your brain can scan quickly. Our generator offers several built-in options:

  • Dash ( - ): The Diceware classic. Clean, readable, universally accepted by password fields.
  • Space ( ): The most natural for human memory, since we already think in word-separated sentences. Some password fields reject spaces — test first.
  • Dot ( . ): Looks technical, similar to a domain name. Easy to type on mobile.
  • Underscore ( _ ): Common in developer contexts. Never rejected by password fields.
  • Hash ( # ): Provides a "special character" that some legacy systems demand.
  • Custom separator: Type anything into the custom field — a star, a slash, even a number. This is especially useful if a system requires a digit inside the password rather than just at the end.

The separator itself does not add meaningful entropy (an attacker who knows you use Diceware will try all common separators), so pick whichever you find easiest to type and remember.

Step 4: Use the Extra Options Strategically

The three checkboxes — Capitalize words, Append number, Append symbol — exist for one reason: some websites still enforce legacy complexity rules that require uppercase letters, digits, and symbols. These options satisfy those rules without making the passphrase hard to remember.

Capitalize words turns river-noble-grove into River-Noble-Grove. It adds almost no entropy (an attacker will try both capitalised and lowercase variants), but it satisfies the "must contain uppercase" rule instantly.

Append number adds a two-digit number (10–99) after the last word. That is about 6 extra bits of entropy — small but real, and it satisfies the "must contain a digit" rule.

Append symbol picks one of 10 common symbols at random and appends it. Again, a modest entropy boost that unlocks compatibility with strict legacy systems.

For your actual high-value accounts, skip these options when possible and just add more words instead. Six plain words beat four capitalised words with a symbol, both in entropy and in memorability.

Step 5: Read the Strength Badge and Entropy Number

After generating, you will see a coloured badge (Weak / Fair / Strong / Very Strong / Extremely Strong) and a bit count. Here is what those bits mean in practical terms:

  • Under 40 bits: A modern GPU cluster cracks this in hours to days offline.
  • 40–59 bits: Safe against online attacks (where rate-limiting applies), risky offline.
  • 60–79 bits: Offline attacks would take millions of years at current speeds. Suitable for most accounts.
  • 80–99 bits: Resistant to any foreseeable attack, including specialised hardware. Use for email, banking, work accounts.
  • 100+ bits: The entropy of a strong random encryption key. Reserve for master passwords and disk encryption.

These estimates assume an attacker knows you used this specific word list and separator style — the worst-case honest analysis. Real-world attackers rarely have that information, so actual security is even higher.
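The entropy arithmetic behind Steps 2, 4 and 5, as an added example rather than the generator's own code; it assumes the five badge names map in order onto the five bit ranges above, and takes the word-list size as a parameter.

```javascript
// Added example, not the generator's own code: the entropy model described in
// Steps 2, 4 and 5. Badge thresholds follow the bit ranges listed above; mapping
// the five badge names onto those five ranges in order is an assumption.
function estimateEntropyBits({ words, listSize, appendNumber = false, appendSymbol = false }) {
  if (!(words >= 1) || !(listSize >= 2)) throw new RangeError('need >= 1 word from a list of >= 2');
  // Each word multiplies the search space by listSize, so n words give n * log2(listSize) bits.
  let bits = words * Math.log2(listSize);
  // Separator choice and capitalisation add nothing: the attacker is assumed to try them all.
  if (appendNumber) bits += Math.log2(90);  // 10..99 is 90 equally likely values, ~6.5 bits
  if (appendSymbol) bits += Math.log2(10);  // one of 10 symbols, ~3.3 bits
  return bits;
}

// Map a bit count onto the badge ranges from Step 5.
function strengthBadge(bits) {
  if (bits < 40) return 'Weak';
  if (bits < 60) return 'Fair';
  if (bits < 80) return 'Strong';
  if (bits < 100) return 'Very Strong';
  return 'Extremely Strong';
}

// Smallest word count that reaches a target entropy from a list of the given size:
// the "add another word rather than a capital letter" advice, in numbers.
function wordsNeeded(targetBits, listSize) {
  return Math.ceil(targetBits / Math.log2(listSize));
}

// Six plain words versus four words with the number and symbol options (Step 4).
function compareOptions(listSize) {
  return {
    sixPlainWords: estimateEntropyBits({ words: 6, listSize }),
    fourWordsAllOptions: estimateEntropyBits({ words: 4, listSize, appendNumber: true, appendSymbol: true }),
  };
}
```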

Step 6: Memorise the Passphrase

This is where passphrases genuinely win. Your brain is wired for story and sequence. Take ocean-brave-ember-tulip-quick and invent a quick mental image: a brave sailor crossing the ocean lights an ember under a quick-growing tulip. Absurd images stick. You do not need to rehearse the mnemonic — just type the passphrase three or four times after generating it and the motor memory takes over.

If you are assigning it to a password manager account or disk encryption, write it on a physical piece of paper and store it somewhere physically secure (a drawer at home, a safe) until you have typed it enough times to be confident. Then shred the paper.

Step 7: Generate and Store — One Passphrase Per Account

Never reuse a passphrase. If one service suffers a data breach and your passphrase leaks, every other account sharing it is instantly compromised. Use a different generated passphrase for every site, and store them in a reputable password manager (Bitwarden, 1Password, KeePass). Your master password for that manager should be your strongest passphrase — 7 or 8 words, no reuse, written physically until fully memorised.

Everything in this generator runs entirely inside your browser. No words are sent to any server. No logs are kept. The randomness comes from window.crypto.getRandomValues(), the same cryptographic API used by banking software and operating systems. You can even disconnect from the internet before generating, and it will work identically.

Strong security does not have to be painful. A six-word passphrase takes three seconds to generate, five minutes to memorise, and a billion years for an attacker to crack. That trade-off is why Diceware has been the gold standard since 1995 — and why it still is.

FAQ

How is a passphrase different from a regular password?

A password is typically a short string of mixed characters that relies on complexity to resist guessing. A passphrase is a sequence of several random words that relies on length and randomness. Because each word multiplies the search space by the size of the word list, the number of possibilities grows exponentially with the word count, so a five-word passphrase is often stronger than a ten-character mixed-character password — and far easier to remember and type.

What is 'entropy' and why does it matter?

Entropy, measured in bits, describes how unpredictable something is. One bit means two equally likely possibilities; 60 bits means 2^60 (about one quintillion) possibilities. Higher entropy means an attacker must try more combinations before stumbling on the correct answer. For offline attacks where an attacker can try billions of guesses per second, you generally want at least 60 bits; 80+ bits is recommended for critical accounts.

Does the separator I choose affect security?

Very slightly. The separator itself contributes minimal entropy because sophisticated attackers assume common separators (dash, space, dot) when cracking Diceware-style passphrases. However, an unusual custom separator — a number, a slash, or a multi-character string — adds a small unpredictability bonus. The main reason to choose a separator is usability: pick whichever is easiest for you to type consistently.

Is it safe to use this tool on a shared or public computer?

It is better to avoid shared computers for generating high-value passphrases. While this generator runs entirely in-browser with no server communication, shared machines may have keyloggers, clipboard-sniffing software, or screen capture tools installed. If you must use a shared computer, close the browser tab immediately after copying, clear the clipboard, and change the passphrase as soon as you are on a trusted device.

How many words do I need for a truly uncrackable passphrase?

With a dictionary of 500+ words, six words deliver roughly 75 bits of entropy — enough that no known hardware configuration could crack it within a human lifetime. For your most sensitive accounts, such as a password manager master key or full-disk encryption, use 8 words (around 100 bits). Beyond that, the extra words are insurance against future computing advances rather than a response to current threats.

Should I still use two-factor authentication if I have a strong passphrase?

Yes, absolutely. A strong passphrase protects you against offline attacks on stored password hashes, but it cannot protect against phishing (where you are tricked into typing your passphrase into a fake site) or credential-stuffing attacks (where your passphrase was leaked in plaintext from a poorly secured service). Two-factor authentication blocks both of these attacks, so combining a strong passphrase with 2FA gives you layered defence.