Diceware Passphrases: How They Work
How diceware generates cryptographically strong passphrases — word list, entropy, and dice rolls.
Tags: diceware passphrase generator, diceware method, EFF word list passphrase
Most people trust software random number generators because they have no alternative. Diceware offers a different contract: the randomness comes from physical dice — hardware that neither software bugs nor cryptographic vulnerabilities can compromise. Understanding why this matters is understanding why diceware is trusted by security professionals, cryptographers, and privacy advocates worldwide.
What Problem Does Diceware Solve?
Every passphrase generator faces a trust question: is the randomness genuine? For software-based generators, the answer depends on:
The quality of the OS entropy pool
The correctness of the CSPRNG implementation
The absence of bugs, backdoors, or side…
Frequently Asked Questions
What is diceware?
Diceware is a passphrase generation method invented by Arnold Reinhold in 1995. It maps physical dice rolls to words from a public wordlist, producing passphrases whose randomness is guaranteed by trusted physical hardware rather than software algorithms. The name combines 'dice' and 'ware' (as in software).
How does diceware work?
Roll five standard dice and read the five-digit result. Look up that number in the diceware wordlist to get one word. Repeat this process for each word in your passphrase (typically 5–6 words). The resulting sequence of words is your passphrase. Each word is independent — no word choice influences the next.
What is the EFF diceware word list?
The Electronic Frontier Foundation published an improved diceware word list in 2016. It contains 7,776 words (6^5), selected for clarity and memorability — no abbreviations, homophones, or offensive terms. The EFF also publishes short lists optimized for quick entry on mobile devices.
How many words should a diceware passphrase have?
Five words (64.6 bits of entropy) is appropriate for most accounts. Six words (77.5 bits) is recommended for master passwords, full-disk encryption keys, and GPG keys. Four words (51.7 bits) is acceptable for accounts with strong rate limiting and MFA. Three words (38.8 bits) is not recommended for anything sensitive.
What is the entropy of a 6-word diceware passphrase?
A 6-word passphrase from the EFF Large List (7,776 words) has entropy = 6 × log₂(7776) = 6 × 12.925 = 77.55 bits. At 10¹² guesses per second, exhausting this space would take about 7 × 10¹⁰ years — longer than the age of the universe.
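The lookup described under "How does diceware work?" and the entropy formula above, as an added example (not code from the original page). It assumes a word list with one "five dice digits, whitespace, word" entry per line; the function names, sample list and sample rolls are constructed for illustration.

```python
import math
import re

ROLL_RE = re.compile(r"[1-6]{5}")  # one roll = five dice, each showing 1-6

def parse_wordlist(text):
    """Parse 'ROLL<whitespace>WORD' lines into {roll: word}; reject bad or duplicate keys."""
    table = {}
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        parts = line.split()
        if len(parts) != 2 or not ROLL_RE.fullmatch(parts[0]):
            raise ValueError(f"line {lineno}: expected '<5 dice digits> <word>'")
        if parts[0] in table:
            raise ValueError(f"line {lineno}: duplicate roll {parts[0]}")
        table[parts[0]] = parts[1]
    return table

def is_complete(table):
    """A full list has exactly one entry for each of the 6^5 = 7,776 possible rolls."""
    return len(table) == 6 ** 5

def passphrase_from_rolls(rolls, table):
    """Map each five-dice roll to its word; a mistyped or unlisted roll is an error."""
    words = []
    for roll in rolls:
        if not ROLL_RE.fullmatch(roll):
            raise ValueError(f"invalid roll {roll!r}: need five digits, each 1-6")
        if roll not in table:
            raise KeyError(f"roll {roll} missing from word list")
        words.append(table[roll])
    return " ".join(words)

def entropy_bits(num_words, list_size=6 ** 5):
    """Entropy of independently rolled words: n * log2(list size).
    Only holds for a complete list and fair, unrepeated rolls."""
    return num_words * math.log2(list_size)

# Constructed excerpt in the assumed layout; these are not real word-list entries.
SAMPLE_LIST = "11111\talpha\n11112\tbravo\n43146\tcharlie\n66666\tdelta\n"
# Constructed rolls standing in for results read off physical dice.
SAMPLE_ROLLS = ["43146", "11111", "66666"]

if __name__ == "__main__":
    table = parse_wordlist(SAMPLE_LIST)
    print(passphrase_from_rolls(SAMPLE_ROLLS, table))
    print(f"{entropy_bits(6):.2f} bits for six words from a 7,776-word list")
```

Run `is_complete` on the real list before trusting the entropy figure: a truncated or duplicated list shrinks the search space without any visible change to the passphrases it produces.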