Passphrase Generator
Generate a strong, memorable passphrase — several random words in the style of "correct-horse-battery-staple" — right in your browser. It uses the Web Crypto API for cryptographically secure randomness, shows the real entropy, and never sends anything to a server.
What is a passphrase, and why it beats a password you can't remember
A passphrase is a secret made of several ordinary words chosen at random — something like amber-canoe-bishop-velvet-ranger — instead of a short scrambled string like Tr0ub4dor&3. The famous xkcd comic #936 captured the insight in one panel: a handful of random common words is both easier for a human to remember and harder for a computer to crack than a short password full of substituted characters. The reason is simple. The strength of a secret comes from how many equally likely possibilities it was drawn from, and stringing together several truly random words multiplies those possibilities far faster than sprinkling symbols into one short word does. This passphrase generator gives you that memorable-yet-strong secret in a single tap, with no account and nothing leaving your device.
How this generator works
Each time you generate, the tool draws words at random from a curated, bundled list of 512 short, common, easy-to-spell English words. Because the list holds exactly 512 words, every word you add contributes nine bits of entropy — that is log2(512) = 9. The words are picked with your browser's Web Crypto generator, crypto.getRandomValues, using rejection sampling so that every word in the list is exactly equally likely; there is no bias toward any part of the list. You choose how many words you want (three to eight), pick a separator, and optionally capitalize the words or append a random number and symbol. Then you copy it and you are done.
Why Web Crypto matters
The single most important thing a generator like this has to get right is the source of randomness, and many quick scripts get it wrong. They use Math.random(), which is fast but not cryptographically secure: its output can be predicted from earlier values, so a knowledgeable attacker could in principle reconstruct what it produced. This tool never uses Math.random(). It uses crypto.getRandomValues, the cryptographically secure generator built into every modern browser, and it maps the raw random values into the wordlist carefully so the choice stays perfectly uniform. That is a real security property, not a marketing line.
Reading the entropy meter
The meter shows the total entropy in bits and a plain-English band. More bits means exponentially more guesses an attacker must try. As a rule of thumb, five or six words is a sensible minimum: six words from this list is about 54 bits, and seven words is about 63 bits, before any added number or symbol. The crack-time note is deliberately honest — it assumes the attacker already knows the method (so they search the word combinations, not the characters) and tries a very fast one trillion guesses per second. We only count the random word and character choices toward entropy, never the capitalization or separator, because an attacker who knows the recipe knows those rules too. When you pick too few words, the meter says the phrase is weak rather than flattering the choice.
Making it fit annoying site rules
Plenty of sites still insist that every password contain a number and a symbol, which is awkward for a pure word phrase. Toggle on Add a number and Add a symbol and the tool appends a random digit and symbol to the phrase without hurting how memorable it is, and the entropy meter accounts for the small extra randomness they add. You can also capitalize each word or switch to camelCase if a site refuses hyphens or spaces.
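The selection and entropy accounting described in the sections above, as an added example that is not this site's own code. It generalizes the rejection-sampling step to any list size: with a 512-word list no 32-bit value is ever rejected (2^32 is a multiple of 512), but for the appended digit (10 choices) the redraw is what keeps the pick uniform. The function names, the SYMBOLS set, and the DEMO_WORDS placeholder list are assumptions made for illustration.

```javascript
// Added example, not the site's code. rng fills a Uint32Array in place,
// the same contract as crypto.getRandomValues, so a test can inject one.
const webRng = (buf) => globalThis.crypto.getRandomValues(buf);
const SYMBOLS = "!@#$%^&*"; // assumed symbol set (8 choices = 3 bits)
// Constructed placeholder list of 512 entries; the real wordlist is not shown.
const DEMO_WORDS = Array.from({ length: 512 }, (_, i) => "word" + i);

// Integer in [0, n) with every value exactly equally likely.
function uniformIndex(n, rng = webRng) {
  if (!Number.isInteger(n) || n < 1 || n > 2 ** 32) {
    throw new RangeError("n must be an integer in 1..2^32");
  }
  // Largest multiple of n within the 32-bit range. A raw value at or above
  // it would make the low remainders slightly more likely, so redraw it.
  const limit = Math.floor(2 ** 32 / n) * n;
  const buf = new Uint32Array(1);
  do {
    rng(buf);
  } while (buf[0] >= limit);
  return buf[0] % n;
}

function generatePassphrase(words, opts = {}, rng = webRng) {
  const { count = 6, separator = "-", digit = false, symbol = false } = opts;
  if (count < 3 || count > 8) throw new RangeError("count must be 3..8");
  const picked = [];
  for (let i = 0; i < count; i++) {
    picked.push(words[uniformIndex(words.length, rng)]);
  }
  let phrase = picked.join(separator);
  if (digit) phrase += String(uniformIndex(10, rng));
  if (symbol) phrase += SYMBOLS[uniformIndex(SYMBOLS.length, rng)];
  return phrase;
}

// Only random choices count: words, digit, symbol. Separator and
// capitalization are fixed rules an attacker is assumed to know.
function entropyBits(listSize, opts = {}) {
  const { count = 6, digit = false, symbol = false } = opts;
  return count * Math.log2(listSize)
    + (digit ? Math.log2(10) : 0)
    + (symbol ? Math.log2(SYMBOLS.length) : 0);
}
```

Calling generatePassphrase(DEMO_WORDS, { count: 6 }) in a browser uses the Web Crypto source by default; the third argument exists only so the rejection path can be exercised with a scripted source.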
Passphrase vs password — when to use which
Use a memorable passphrase for the handful of secrets you actually type by hand: the master password for your password manager, your disk-encryption key, your primary email. For everything a password manager stores and fills for you, a fully random character string is perfectly fine and even more compact — for that, use our Password Generator. The two tools are siblings for the two halves of the same job. If instead you need a unique identifier rather than a secret, the UUID Generator creates RFC-compliant UUIDs, and when you simply need random numbers in a range the Random Number Generator handles that.
Your privacy
Generation is entirely in your browser. The passphrase you see is never sent across the network, never written to a log, and never saved on any server — we cannot see it even if we wanted to. Close or refresh the page and it is gone. The wordlist and method are credited to the EFF's diceware work and to Arnold Reinhold, who introduced diceware in 1995.
Frequently asked questions
Is a passphrase really more secure than a password?
For a secret you have to remember and type yourself, yes. Several random words give a lot of entropy while staying memorable, whereas a short scrambled string is both weaker and impossible to recall. The entropy meter shows the strength so you can compare honestly. For secrets a password manager stores for you, a fully random character password is fine too.
How many words should I use?
Five or six words is a good default. With this tool each word adds nine bits of entropy, so six words is about fifty-four bits and seven words is about sixty-three bits before any added number or symbol. The meter updates live as you change the word count, and tells you plainly when a short phrase is weak.
Is the generator actually random and secure?
Yes. Each word is chosen with the browser's Web Crypto generator, crypto.getRandomValues, using rejection sampling so every word in the list is exactly equally likely. It never uses Math.random(), which is not cryptographically secure and is a common weakness in throwaway generators.
Do you store or see the passphrases I generate?
No. Everything happens in your browser. The generated passphrase is never sent over the network, never logged, and never saved on any server. When you close or refresh the page it is gone, and we never see it in the first place.
Can I add a number or symbol for sites that require one?
Yes. Toggle on add a number and/or add a symbol and a random digit and symbol are appended to the phrase. The entropy meter accounts for the extra randomness, so the strength figure stays honest.
What is the difference between this and your Password Generator?
This tool makes memorable word-based passphrases, like correct-horse-battery-staple, that you can actually recall. The Password Generator makes random-character strings that are ideal when a password manager stores them for you. Use a passphrase for things you type by hand, and a random password for everything a manager remembers.