Diceware Passphrase Generator
Memorable Diceware passphrases from the EFF large wordlist.
Why a passphrase?
A passphrase is a sequence of random words. It trades a little length for a lot of memorability: ostrich-vivid-carton-jukebox is far easier to remember and type than x9$Kp#2v, yet much harder to crack. Passphrases shine wherever a human must actually remember the secret — a password manager's master password, full-disk encryption, or a login you type daily.
The EFF wordlist and entropy
This generator uses the EFF large wordlist: 7,776 words chosen to be common, distinct and easy to spell. Each word drawn uniformly at random adds log₂(7776) ≈ 12.9 bits of entropy. Four words give about 51 bits — fine for rate-limited logins. Six words give about 77 bits, and eight words about 103 bits, which is strong enough for offline-attack scenarios like encryption keys. The strength comes purely from the number of words, not from keeping the method secret: an attacker who knows the wordlist still faces 7776⁶ combinations.
How it works here
The wordlist ships with the page and words are picked with crypto.getRandomValues() using rejection sampling, so every word is exactly equally likely. Your passphrase is generated on your device and never transmitted or stored.
Nothing leaves your browser
- Every value comes from
crypto.getRandomValues()— the CSPRNG built into your browser, neverMath.random(). - Generated secrets are never transmitted, logged or stored: no server-side generation, no cookies, no localStorage.
- Verify it yourself in the network tab: after loading, the page only talks to our self-hosted, cookie-less analytics — which counts page views and which generator type gets copied, never any value.
- Strict Content-Security-Policy; no third-party script origins.