Diceware Passphrase Guide: How to Generate Secure Passphrases
Everything you need to know about Diceware passphrases: the science behind them, how to generate them securely, and why they are increasingly recommended by security experts.
What Is Diceware?
Diceware is a method for generating passphrases by randomly selecting words from a curated word list. The original method, invented by Arnold Reinhold in 1995, used physical dice to select words: you roll five dice, look up the resulting five-digit number in a word list, and the corresponding word becomes one word of your passphrase. Repeat for each word you want in your passphrase.
The genius of Diceware is that it produces passphrases that are both highly secure and genuinely memorable. A passphrase like correct-horse-battery-staple (the famous xkcd example) is far easier for a human to remember and type than a random string like X7$kP2#mL9, yet the passphrase can have equal or greater entropy depending on its length.
How Diceware Works
The Diceware process is elegantly simple. At its core, it relies on uniform random selection from a word list of known size. Here is how it works:
The Word List
A Diceware word list contains exactly 7,776 words (6^5 = 7,776). Each word is assigned a five-digit number using digits 1 through 6, corresponding to the faces of a die. For example, the number 16655 might map to the word "cleft" and 44311 might map to "muddy."
The original Diceware list by Arnold Reinhold contains short English words, abbreviations, and some numbers. The EFF (Electronic Frontier Foundation) later published improved lists that exclusively use common, easy-to-spell English words, which significantly improves usability without reducing security.
The Generation Process
For each word in your passphrase:
- Roll five standard six-sided dice (or use a cryptographically secure random number generator, which is what our Password Generator does).
- Read the five dice as a five-digit number. For example, rolls of 3, 5, 1, 6, 2 produce the number 35162.
- Look up the number in the word list to find the corresponding word.
- Repeat until you have the desired number of words.
The critical property is that each word is selected independently and uniformly at random from the full 7,776-word list. This means the entropy per word is exactly log2(7,776) = 12.92 bits, regardless of which words are selected or what they mean.
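The roll-and-look-up procedure above, as an added example in Python (not code from the original page or its Password Generator): it parses a word list in the EFF file layout, converts a five-dice key to a list index, checks the prefix-free property the EFF lists promise, and draws each word with an independent uniform pick from the OS CSPRNG. The five-entry word list is constructed for illustration; a real list has 7,776 lines.

```python
import math
import secrets

# Constructed sample in the EFF file format ("dice-key<TAB>word"); a real list
# has 7,776 lines. Keys and words here are illustrative, not from any real list.
SAMPLE_WORDLIST = """\
11111\tabacus
16655\tcleft
35162\tlucid
44311\tmuddy
66666\tzoom
"""

def parse_wordlist(text):
    """Parse 'NNNNN<TAB>word' lines into {dice_key: word}, validating each key."""
    words = {}
    for line in text.splitlines():
        if not line.strip():
            continue
        key, word = line.split()
        if len(key) != 5 or any(c not in "123456" for c in key):
            raise ValueError(f"bad dice key: {key!r}")
        words[key] = word
    return words

def roll_dice(count=5):
    """Roll `count` six-sided dice with the OS CSPRNG, e.g. '35162'."""
    return "".join(str(secrets.randbelow(6) + 1) for _ in range(count))

def dice_key_to_index(key):
    """'11111' -> 0, '66666' -> 7775: a dice key is a base-6 number with digits 1-6."""
    index = 0
    for ch in key:
        index = index * 6 + int(ch) - 1
    return index

def prefix_collisions(words):
    """Adjacent sorted pairs where one word is a prefix of the next (EFF lists have none)."""
    sorted_words = sorted(words)
    return [(a, b) for a, b in zip(sorted_words, sorted_words[1:]) if b.startswith(a)]

def entropy_bits(list_size, word_count):
    """Exact entropy of `word_count` independent uniform picks from `list_size` words."""
    return word_count * math.log2(list_size)

def generate_passphrase(wordlist, word_count=6, separator="-"):
    """Each word is an independent uniform draw from the whole list (the dice property)."""
    words = sorted(wordlist.values())
    phrase = separator.join(secrets.choice(words) for _ in range(word_count))
    return phrase, entropy_bits(len(words), word_count)
```

Because the sample list has only five words, the returned entropy is small; feed `parse_wordlist` a full 7,776-line list and the same function reports 12.92 bits per word.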
Diceware Example
Five words from a 7,776-word list = 5 * 12.92 = 64.6 bits of entropy. This passphrase is memorable yet secure against all but the most determined offline attacks.
Entropy Per Word
The beauty of Diceware is that the entropy calculation is precise and transparent. Each word contributes exactly log2(N) bits of entropy, where N is the word list size. For the standard 7,776-word list:
| Words | Entropy (bits) | Security Level | Use Case |
|---|---|---|---|
| 4 words | 51.7 bits | Fair | Low-value accounts |
| 5 words | 64.6 bits | Good | Most online accounts |
| 6 words | 77.5 bits | Strong | Email, banking, password manager master |
| 7 words | 90.5 bits | Excellent | High-security applications, encryption keys |
| 8 words | 103.4 bits | Exceptional | Disk encryption, cryptocurrency wallets |
For most purposes, a 6-word passphrase (77.5 bits) provides excellent security. The EFF recommends at least 6 words for any important purpose. For the paranoid or for truly high-value targets, 7 or 8 words provide a substantial additional margin.
The EFF Word Lists
In 2016, the Electronic Frontier Foundation published three improved word lists designed to make Diceware passphrases more practical:
EFF Long Word List (Recommended)
The primary EFF list contains 7,776 words (matching the original Diceware list size) carefully selected for the following properties:
- Common English words: No abbreviations, jargon, or obscure terms
- Easy to spell: Words like "rhythm" and "liaison" are excluded
- Distinct: No two words are prefixes of each other (e.g., you will not find both "cat" and "catch")
- Minimum 3 characters: Single and two-letter words are excluded
- No offensive words: The list is safe to use in professional settings
These properties make EFF passphrases significantly easier to type, spell, and remember compared to the original Diceware list, with identical entropy.
EFF Short Word Lists
The EFF also published two shorter lists for special purposes. The "short list 1" contains 1,296 words (6^4) that can be looked up with only four dice, providing 10.34 bits per word. The "short list 2" uses words that have unique three-character prefixes, useful for autocomplete on mobile devices. These shorter lists require more words to achieve the same entropy, but can be useful in specific scenarios.
Why Passphrases Beat Traditional Passwords
Passphrases offer several concrete advantages over traditional random-character passwords:
Memorability
Humans are inherently better at remembering sequences of meaningful words than sequences of random characters. A passphrase like "timber-anvil-orbit-sketch-walnut" creates a mental image that aids recall. You can picture timber falling on an anvil in orbit while someone sketches a walnut. This narrative quality is impossible with random character strings.
Typing Speed and Accuracy
Words are motor sequences that most people can type fluently. Typing "timber" is faster and less error-prone than typing "X7$kP" because your fingers follow familiar patterns. This advantage is even more pronounced on mobile devices, where special characters require switching keyboard layouts.
Transparent Security
With random-character passwords, it is difficult to assess the actual strength without tools. A password that looks complex may have been chosen through a predictable process. With Diceware, the security is mathematically precise: N words from a 7,776-word list gives exactly N * 12.92 bits of entropy, assuming truly random selection. There is no ambiguity. For a deeper exploration of entropy and how it relates to password strength, read our Password Strength Explained article.
Resistance to Shoulder Surfing
Surprisingly, passphrases can be more resistant to shoulder surfing than complex passwords. A bystander watching you type is more likely to remember a distinctive sequence like "P@ss1!Wx" (because it looks unusual and attention-grabbing) than the mundane words in a passphrase typed at natural speed.
Separator Strategies
The separator between words in a passphrase is a stylistic choice that does not significantly affect security (since the entropy comes from word selection, not separators). Common separator options include:
- Hyphens: timber-anvil-orbit-sketch-walnut (clean and widely supported)
- Spaces: timber anvil orbit sketch walnut (most natural, but some systems do not accept spaces)
- Periods: timber.anvil.orbit.sketch.walnut (commonly accepted)
- No separator: timberanvilorbitsketchwalnut (harder to read but accepted everywhere)
- Numbers: timber3anvil7orbit1sketch9walnut (adds a small amount of entropy)
- Mixed case: Timber-Anvil-Orbit-Sketch-Walnut (capitalizing first letters adds roughly 1 bit per word)
Our Password Generator supports all these separator styles and lets you preview the result before copying.
Common Mistakes to Avoid
Even with Diceware, there are pitfalls that can undermine your passphrase security:
- Choosing your own words: The entire security model depends on truly random word selection. If you pick words yourself, your selections will be biased by familiarity, recent events, and personal preferences, dramatically reducing entropy. Always use a random generator.
- Using too few words: Three words (38.8 bits) is not enough for any serious purpose. Use at least 5 words for general use and 6+ for important accounts.
- Rerolling words you do not like: If you regenerate until you get a passphrase that "sounds good," you are introducing bias and reducing entropy. Accept whatever the random process gives you, or generate a completely new passphrase.
- Using a small word list: Some generators use lists of only 1,000 or 2,000 words. Fewer words means less entropy per word. Stick with the standard 7,776-word lists for full Diceware security.
Generate a Passphrase Now
Ready to create your own Diceware passphrase? Our Password Generator includes a dedicated Passphrase tab that uses the EFF long word list with cryptographically secure random selection. You can customize the number of words, separator style, and capitalization. The entropy and crack time estimates update in real time as you adjust settings.
Further Reading
- EFF Dice-Generated Passphrases: the EFF's improved Diceware word lists for generating strong passphrases.
- NIST SP 800-63B, Memorized Secrets: NIST guidelines for password length, composition, and storage.
- Diceware (Wikipedia): overview of the Diceware method for generating random passphrases.