~/Blog

Brandon Rozek

Photo of Brandon Rozek

PhD Student @ RPI studying Automated Reasoning in AI and Linux Enthusiast.

Generate Secure Passphrases Locally with Diceware

Published on

Updated on

Warning: This post has not been modified for over 2 years. For technical posts, make sure that it is still relevant.

Diceware is a passphrase generator proposed by Arnold G. Reinhold. Passphrases contain multiple words which are chosen according to a sequence of dice rolls. Let’s look at a simplified example where we have binary dice (0 or 1) and we have a wordlist of two dice rolls.

00	abacus
01	abdomen
10	abdominal
11	abide

If you roll a zero twice, then you choose the word abacus. If you roll a zero and then a one, you choose the word abdomen.

In reality, Joseph Bonneau over at the EFF, compiled a wordlist that consists of six dice rolls with a regular 5 sided dice. Resulting in a total of $6^5$ or 7776 different english words.

Instead of rolling physical dice forever, we can use a nicely put together python package called diceware. It is easily installable via pip: pip install diceware. The README explains the security implications far better than I can. At the time of writing, it uses by default urandom on Linux to choose 6 words from the EFF word list from before.

diceware

Gave me the random passphrase “DrearilyUncorruptOutboardKneeSubzeroGumdrop”.

Reply via Email Buy me a Coffee
Was this useful? Feel free to share: Hacker News Reddit Twitter

Published a response to this? :