Diceware Passphrases — Stronger and More Memorable Than Passwords

A 5-word diceware passphrase has ~65 bits of entropy — more than a random 10-character password with mixed case, digits, and symbols (66 bits, but nearly impossible to remember). Diceware wins on both security and memorability.

Generate strong passwords and passphrases with the Password Generator.

How diceware works

1. Roll 5 dice, read numbers left to right: e.g., 2-4-3-1-5
2. Look up "24315" in the diceware word list: → "feast"
3. Repeat 5-6 times to get 5-6 words
4. Combine: "feast cabin torque blimp signal"

The EFF Large Wordlist has 7,776 words (6^5 — one for each 5-dice combination).

Entropy per word: log₂(7776) = 12.92 bits 5-word passphrase: 5 × 12.92 = 64.6 bits 6-word passphrase: 6 × 12.92 = 77.5 bits

Entropy comparison

Random lowercase password:
  8 chars: log₂(26^8) = 37.6 bits — cracked in seconds
  12 chars: log₂(26^12) = 56.4 bits — cracked in hours

Mixed case + digits + symbols:
  8 chars:  log₂(95^8) = 52.6 bits — cracked in days
  12 chars: log₂(95^12) = 78.9 bits — secure but unmemorable

Diceware:
  4 words: 51.7 bits — adequate for low-value accounts
  5 words: 64.6 bits — recommended minimum
  6 words: 77.5 bits — high-security accounts
  7 words: 90.5 bits — NSA-level adversary

Generate diceware passphrases in JavaScript

// Using the EFF Large Wordlist (7776 words):
import { randomInt } from 'crypto';

// Minimal EFF wordlist excerpt — in production, import the full 7776-word list
// Download from: https://www.eff.org/files/2016/07/18/eff_large_wordlist.txt
const EFF_WORDLIST = {
  '11111': 'abacus',
  '11112': 'abdomen',
  '11113': 'abdominal',
  // ... 7776 total entries
};

function rollDice() {
  // Use cryptographically secure random numbers:
  return Array.from({ length: 5 }, () => randomInt(1, 7)).join('');
}

function generatePassphrase(wordCount = 5) {
  const words = [];
  for (let i = 0; i < wordCount; i++) {
    const key = rollDice();
    words.push(EFF_WORDLIST[key]);
  }
  return words.join(' ');
}

// Example output: "correct horse battery staple table"

Load the full EFF wordlist

// Node.js: parse EFF wordlist file
import { readFileSync } from 'fs';

function loadEFFWordlist(filepath) {
  const lines = readFileSync(filepath, 'utf-8').split('\n');
  const wordlist = {};
  for (const line of lines) {
    const [key, word] = line.trim().split('\t');
    if (key && word) wordlist[key] = word;
  }
  return wordlist;
}

const wordlist = loadEFFWordlist('eff_large_wordlist.txt');

function generatePassphrase(wordCount = 5) {
  return Array.from({ length: wordCount }, () => {
    const key = Array.from({ length: 5 }, () => randomInt(1, 7)).join('');
    return wordlist[key];
  }).join(' ');
}

generatePassphrase(6);
// "topple crunch garlic shard bunny oven"

Browser-safe implementation

// Browser: use crypto.getRandomValues (no Node.js crypto module)
function rollDiceBrowser() {
  const bytes = new Uint8Array(5);
  crypto.getRandomValues(bytes);
  return Array.from(bytes).map(b => (b % 6) + 1).join('');
}

// Note: b % 6 introduces tiny bias for values 252-255 (0.4%)
// For crypto-grade: reject and retry those values:
function rollDiceUnbiased() {
  const result = [];
  while (result.length < 5) {
    const byte = new Uint8Array(1);
    crypto.getRandomValues(byte);
    if (byte[0] < 252) {  // 252 = 42 × 6, avoids bias
      result.push((byte[0] % 6) + 1);
    }
  }
  return result.join('');
}

Physical dice (the secure way)

Real-world diceware uses physical dice because:

• No software randomness bugs
• No side-channel attacks (keyboard sniffers, malware)
• No entropy depletion issues

Materials:
- 5 standard dice
- EFF Large Wordlist printed or offline browser page

Process:
1. Roll all 5 dice at once
2. Read left to right (sort by position, not value)
3. Look up in wordlist
4. Write down word on paper
5. Repeat for each word you need
6. Memorize passphrase, then shred the paper

Using passphrases in practice

Password managers: use a strong passphrase as master password
  Example: "correct horse battery staple table" (easy to type, 77 bits)

SSH keys: passphrase-protect your private key
  Example: "topple crunch garlic shard bunny" (4 words fine for local use)

Full-disk encryption: 7+ words (defend against targeted attacks)
  Example: "tractor lemon pencil blanket orbit castle mirror"

Adding entropy with separators and capitalization

Base: "feast cabin torque blimp signal"  (64.6 bits)

+ Capitalize first letter:
  "Feast Cabin Torque Blimp Signal"  → same entropy (attacker tries both)

+ Number separator:
  "feast3cabin7torque2blimp8signal"  → +6.6 bits more (100 separators × 5 positions)

+ Mixed: capitalize + symbol separator:
  "Feast-Cabin-Torque-Blimp-Signal"  → ~67 bits
  (adds minor entropy, mainly helps meet complexity requirements)

Best practice: use 6 words instead of adding complexity. Simplicity = fewer mistakes.

Related tools

• Password Generator — generate random passwords and passphrases
• Brute Force Attack Guide — why entropy matters
• Hash Generator — store passphrases as hashes