Passphrase Generator

Create strong, memorable passphrases using the diceware method with the EFF wordlist. A passphrase of 4–6 random words is both highly secure and far easier to remember than a complex random password. Generated entirely in your browser.

Click Generate to create a passphrase
🔒 Passphrases are generated in your browser and never transmitted.

What is a passphrase?

A passphrase is a sequence of random words used as a password. Unlike a traditional password (e.g., xK7#mP2q), a passphrase like Correct-Horse-Battery-Staple is easy to remember but still cryptographically strong. The strength comes from the randomness of word selection, not from complexity.

Passphrase entropy explained

Entropy measures how unpredictable a passphrase is. With a 2,000-word list, each word contributes about 11 bits of entropy (log₂(2000) ≈ 11). A 4-word passphrase has ~44 bits, a 5-word passphrase has ~55 bits, and a 6-word passphrase exceeds 66 bits — well above the 50-bit threshold recommended for most accounts. Adding a number or symbol adds a few more bits.

Passphrases vs. passwords

Both approaches can achieve strong security. Passphrases have a major advantage in memorability — humans can recall sequences of words far more easily than random character strings. For a master password manager password or any credential you must type regularly, a 5–6 word passphrase is an excellent choice. For machine-generated secrets (API keys, database passwords) where you'll paste rather than type, a 32-character random password is equally valid.

Frequently Asked Questions

A passphrase is a sequence of random words — like Correct-Horse-Battery-Staple — used as a password. The security comes from having many possible word combinations, while the memorability comes from using real words you can visualize. A 4-word passphrase from our 2,000-word list has ~44 bits of entropy.

A 6-word diceware passphrase (~66 bits of entropy) is equivalent in strength to a randomly generated 10-character password with all character types. The key advantage is memorability — most people can remember "Gentle-Market-Sunrise-Frozen-Cable" but struggle with "xK7#mP2q!8". NIST 2024 guidelines support long passphrases as a valid security strategy.

The EFF wordlist was created by the Electronic Frontier Foundation for diceware passphrase generation. It contains common, unambiguous English words selected to be easy to spell and remember. PassFortify embeds an optimized 2,000-word subset with no offensive or confusing terms.

4 words (~44 bits) works for most online accounts. Use 5–6 words for email, banking, or any high-value service. Use 6–7 words for your password manager master password. The longer the passphrase, the more secure — and with random words, it stays memorable.