Diceware Passphrase Generator: Verifiable Random Passphrases
Diceware is a passphrase method invented by Arnold Reinhold in 1995 that derives its security from a process you can verify with physical dice. Each word in the output corresponds to a unique five-digit number (11111 through 66666) in a published word list, most famously the EFF's 7,776-word list released in 2016. Rolling five dice determines one word; repeat five or six times and you have a passphrase whose randomness you can audit yourself, independent of any software. This generator replicates that process using the Web Crypto API to simulate fair dice rolls, producing passphrases that match exactly what you would get from physical dice and the EFF word list. The result is important for cryptographers and security-conscious users who want passphrases that are not only random but provably, demonstrably random — where the generation process can be described to a skeptic in one sentence: 'I rolled dice and looked up the results in a public table.'
Open Password Generator →What Is Diceware Passphrase Generator: Verifiable Random Passphrases?
Diceware is a standardized passphrase generation method where each word is selected by rolling five six-sided dice and mapping the result to an entry in a published word list. The EFF large word list contains 7,776 entries, giving each word 12.9 bits of entropy. A five-word Diceware passphrase yields 64.5 bits of entropy — strong by any current standard — and the process is independently auditable.
How to Use the Password Generator
- Step 1: Select the number of words: five for general strong use, six for master passwords or disk encryption keys.
- Step 2: Click Generate to simulate five dice rolls per word using the browser's cryptographically secure random number generator.
- Step 3: Each word displayed corresponds to a specific entry in the published EFF large word list — you can cross-reference the index numbers shown.
- Step 4: Optionally verify by rolling physical dice yourself and looking up each five-digit result at eff.org/dice.
- Step 5: Join the words with spaces or hyphens to form your final passphrase.
- Step 6: Store the passphrase in a password manager or memorize it using spaced repetition before closing the tab.
Example
Example format (do not use this exact string): abacus twist koala onward panel velvetPro Tips
- The EFF word list was specifically curated to exclude homophones, offensive terms, and words easily confused by non-native speakers — making it ideal for international teams.
- If you want to verify the generator's output, note the index numbers displayed and cross-reference them at eff.org/files/2016/07/18/eff_large_wordlist.txt.
- Physical dice remain the gold standard for Diceware if you have genuine paranoia about software randomness — this generator is for convenience, not adversarial environments.
- Six Diceware words is the recommendation for credentials protecting high-value assets like a password manager vault or an encryption key stored offline.
- Never add predictable modifications like capitalizing the first letter of every word or appending '1!' — these patterns reduce effective entropy when attackers know about them.
Ready to Try It?
Free, browser-based, no signup required.
Launch Password Generator Free →FAQ's
Diceware uses a specific, published word list and a defined dice-roll mapping, making the generation process independently verifiable. A regular passphrase generator may use any word list and any random algorithm. Diceware's value is auditability — you can reproduce and verify results with physical dice and the public EFF word list without trusting any software.
Five dice produce 6^5 = 7,776 possible outcomes, which matches the length of the EFF word list. This gives each word exactly log2(7,776) ≈ 12.9 bits of entropy. Using fewer dice would produce a smaller word list and less entropy per word; using more would require a larger list. Five is the balance between manageability and security.
For most threat models, yes. The Web Crypto API uses the operating system's entropy pool (hardware random number generator on modern devices), which is cryptographically secure. The distinction matters only in extreme threat models — government-level adversaries or air-gapped environments — where physical dice and an offline word list are appropriate.
Five words (64.5 bits) is strong for almost all uses. Six words (77.4 bits) is recommended for password manager master passwords. Seven words (90.3 bits) is considered appropriate for long-term archival encryption. Fewer than five words is not recommended for any security-sensitive application.
You can, but it is not necessary if you choose enough words. Adding a digit or symbol does add entropy, but if you are already at five or six words, the marginal benefit is small. Only do so if a system requires it — and if you do, add it randomly (not always '1!' at the end) to avoid introducing a predictable pattern.
The EFF 2016 word list is generally preferred for modern use because it was cleaned of obscure words, homophones, and potentially offensive terms. It also contains longer words on average, making passphrases slightly easier to distinguish phonetically. Both lists are secure — the choice mainly affects memorability and usability.
Diceware passphrases are best for credentials that require both high security and manual entry: password manager master passwords, full-disk encryption keys, PGP private key passphrases, and sudo passwords on critical servers. Any scenario where you need a credential you can prove is random and must occasionally type by hand is ideal.
No — from a security standpoint, any ordering of five randomly chosen words from a 7,776-word list is equally strong. Reordering does not weaken or strengthen the passphrase because attackers must try all permutations of all word combinations regardless of order. Choose the order that feels most natural to recall.