Diceware Passphrase Generator
Generate memorable, crypto-secure Diceware passphrases from the EFF large wordlist right in your browser, with live entropy in bits.
Passphrases are generated locally in your browser from a bundled copy of the EFF wordlist — no dice rolls, words, or results are ever uploaded. Still, treat any generated passphrase as a real secret and store it in a password manager rather than reusing it in plain text.
Prefer a character password? Open the Password Generator.
About Diceware Passphrase Generator
This Diceware passphrase generator strings together random words from the 7776-word EFF large wordlist to build a passphrase you can actually remember but a machine cannot guess. Each word is chosen with crypto.getRandomValues, so every roll is unpredictable and contributes about 12.9 bits of entropy — a six-word passphrase lands near 78 bits, well past the point of practical brute force. Pick the number of words, choose a separator, optionally capitalize each word, and append a number or symbol to satisfy strict password rules. The entropy readout updates live so you can see exactly how strong the result is before you use it for a password manager master key, a disk-encryption phrase, or an SSH key passphrase. Built for developers and the privacy-conscious, everything runs on your device and no passphrase is ever transmitted.
Features
- Draws words from the full 7776-word EFF large wordlist (the modern Diceware standard)
- Cryptographically secure word selection via crypto.getRandomValues with unbiased sampling
- Adjustable word count with a slider (four to twelve words)
- Choose a separator — hyphen, space, dot, underscore, or a custom string
- Optionally capitalize each word for a Correct-Horse style passphrase
- Append a random digit and/or symbol to pass strict complexity rules
- Live entropy readout in bits plus a Weak-to-Very-strong strength meter
- Runs entirely in your browser so the generated passphrase never leaves your device
How to use the Diceware Passphrase Generator
- Drag the Words slider to pick how many words your passphrase should contain.
- Choose a separator, and toggle Capitalize, Add number, or Add symbol as needed.
- Read the entropy in bits and the strength label to confirm it is strong enough.
- Click Regenerate for a fresh roll, then copy the passphrase to your clipboard.
Example
Input
6 words, hyphen separator, capitalize off
Output
acetone-driveway-mumble-pacifist-repayment-untimely
Six EFF-wordlist words joined by hyphens give about 78 bits of entropy.
Common errors & troubleshooting
- A site rejects the passphrase because it has no digit or special character. — Enable Add number and Add symbol to append one of each — the words still carry the entropy, the extras just satisfy the complexity rule.
- Spaces in the passphrase get mangled when pasted into a form. — Switch the separator to a hyphen, dot, or underscore, which survive copy-paste and shell arguments more reliably than spaces.
- A four-word passphrase is rated only Fair. — Increase the word count — each extra word adds about 12.9 bits, so five or six words reaches Strong to Very strong.
- The passphrase feels too long to type on a phone. — Fewer, capitalized words with an appended symbol keep length down while staying memorable, though shorter phrases trade away some entropy.
Frequently asked questions
- What is Diceware and why use a passphrase instead of a password?
- Diceware selects random words from a numbered wordlist — traditionally by rolling dice — to build a passphrase that is easy for a human to remember but has enough entropy to resist guessing. Random words are far easier to recall than a scramble of symbols while still being strong.
- Which wordlist does this generator use?
- It uses the EFF large wordlist of 7776 words, the same list the Electronic Frontier Foundation recommends. Every word gives log2(7776) which is about 12.925 bits of entropy per word.
- How many words should a Diceware passphrase have?
- Five words (about 65 bits) is a reasonable floor and six words (about 78 bits) is a strong, common choice. For a master password protecting many secrets, seven or eight words adds a comfortable safety margin.
- Does adding a number or symbol make it more secure?
- Only marginally. The word choices already provide the entropy; an appended digit or symbol adds just a few bits and mainly exists to satisfy sites that demand a number or special character. This tool does not count those extras in the reported bits.
- Is the word selection actually random, or does it repeat words?
- Each word is picked independently with crypto.getRandomValues using rejection sampling for an unbiased index, so words can repeat — which is expected and does not weaken the math. The entropy formula assumes independent draws with replacement.
- Are the generated passphrases sent to a server?
- No. The Diceware passphrase generator runs entirely in your browser. Every passphrase is assembled locally from the bundled wordlist and never leaves your device or reaches ArrayKit.
Related tools
- Password Generator — Generate strong, random passwords with a strength meter (crypto-secure).
- Password Strength Checker — Check password strength with entropy, character-set and common-pattern analysis, in your browser.
- Bcrypt Generator — Hash a password with bcrypt and verify a password against a bcrypt hash, in your browser.
- UUID Generator — Generate one or many random UUID v4 values.
- Hash Generator — SHA-256 / SHA-1 / SHA-384 / SHA-512 via the Web Crypto API.
- TOTP / 2FA Generator — Generate time-based one-time passwords (2FA codes) from a base32 secret.
All ArrayKit tools