Passphrase Generator
Cryptographically secure passphrases you can actually remember.
Entropy Statistics
Keyspace
2.21 × 10^23
combinations
Bits per Word
~12.9 bits
7,776 words
Time to Crack
3.5 thousand years
at 1012 guesses/sec
Crack time assumes an attacker capable of 1 trillion (1012) guesses per second, comparable to a large-scale, state-sponsored operation. Average crack time is based on searching half the keyspace.
Why Use a Random Passphrase?
Human-created passwords follow predictable patterns that attackers exploit. We substitute letters with numbers, append dates, and reuse familiar words. All patterns that modern cracking tools anticipate.
A randomly generated passphrase from a 7,776-word list provides ~12.9 bits of entropy per word. That means each word you add multiplies the difficulty by nearly 8,000x.
Six random words give you approximately 77.5 bits of entropy, enough to resist brute-force attacks for decades, even against nation-state adversaries.
| Words | Entropy (bits) | Strength |
|---|---|---|
| 3 | 38.7 | Weak |
| 4 | 51.7 | Moderate |
| 5 | 64.6 | Moderate |
| 6 | 77.5 | Strong |
| 7 | 90.5 | Very Strong |
| 8 | 103.4 | Excellent |
| 9 | 116.3 | Excellent |
| 10 | 129.2 | Excellent |
Passphrase Best Practices
Protect What Matters
Use passphrases for your most critical accounts: password managers, email, disk encryption, and financial services.
Never Reuse
Generate a unique passphrase for each account. One breach shouldn't compromise everything.
Write It Down Initially
It's OK to write a new passphrase on paper while memorizing it. Store it securely and destroy it once memorized.
Use a Password Manager
For per-site passwords, use a password manager locked with a strong passphrase from this generator.
The EFF Dice-Roll Method
The Electronic Frontier Foundation (EFF) developed the dice-roll passphrase method to provide a simple, verifiable way for anyone to generate strong passwords without trusting software.
Their curated wordlist of 7,776 common English words was specifically chosen for memorability. Each word is distinct, easy to spell, and unlikely to be confused with others. By rolling five physical dice, you select a word with true hardware randomness.
This generator reproduces that process digitally using crypto.getRandomValues(), the browser's cryptographic random number generator, the digital equivalent of perfectly fair dice.