Passphrase Generator

Generate strong, memorable passphrases from random words. Everything runs in your browser.

Number of Words

Separator

Custom:

Capitalization

Word Length

Candidates

Insert random digit Insert random symbol

Tips

Words Are Easier to Remember Than Characters

A 4-word passphrase like "tiger-maple-river-cloud" is much easier to remember than "xK9#mQ2$" while providing comparable or better security.

Each Additional Word Multiplies Strength

With a 2048-word list, each word adds 11 bits of entropy. A 4-word passphrase has 44 bits, 6 words give 66 bits, and 8 words provide 88 bits — exponentially harder to crack.

Avoid Famous Phrases and Lyrics

Attackers maintain dictionaries of common phrases, song lyrics, movie quotes, and book titles. Always use randomly generated word combinations.

Add a Number or Symbol to Boost Entropy

Inserting a random digit or symbol between words adds extra entropy while keeping the passphrase easy to type and remember.

Common Use Cases

🔐

Master Password for Password Managers

Create a strong but memorable master password that you can type reliably every day without looking it up.

💽

Full Disk Encryption

Generate a passphrase strong enough for encrypting your entire hard drive with BitLocker, FileVault, or LUKS.

📶

Memorable Wi-Fi Passwords

Create Wi-Fi passwords that guests can easily type when you read them aloud — no confusing characters.

🔑

SSH Key Passphrases

Protect your SSH private keys with a passphrase that is both strong and comfortable to type repeatedly.

💰

Cryptocurrency Wallet Seeds

Generate word-based seeds for securing cryptocurrency wallets and cold storage.

🏢

Shared Team Credentials

Create credentials that can be communicated verbally or written down without ambiguity.

Frequently Asked Questions

How secure is a passphrase compared to a password?

A 4-word passphrase from a 2048-word list provides 44 bits of entropy. A 6-word passphrase (66 bits) is comparable to a 10-character random password with mixed case, digits, and symbols. For most purposes, 4-6 words offer excellent security.

How many words should I use?

4 words is sufficient for most online accounts. Use 5-6 words for important accounts like email or banking. Use 7+ words for encryption keys and high-security environments.

Is my passphrase sent to a server?

No. All generation happens entirely in your browser using the Web Crypto API (crypto.getRandomValues). The wordlist is embedded in the page. Nothing is transmitted or stored.

What wordlist is used?

This tool uses a curated list of 2048 common English words, each 3-8 characters long. The list avoids offensive, obscure, or easily confused words. 2048 words provide exactly 11 bits of entropy per word.

Should I modify the generated passphrase?

The generated passphrase is already random and secure. However, adding a personal tweak — like capitalizing one word or inserting a memorable number — can add extra protection without significantly reducing memorability.

Does this work without an internet connection?

Once the page is loaded, yes. The wordlist and generation logic are all contained in the page, so no internet connection is needed after the initial load.