diceware-pass-gen
v1.0.0
Published
Generate strong, memorable diceware passphrases from the EFF large wordlist (7776 words) with computed entropy. CLI + library, zero dependencies, cryptographically secure.
Downloads
59
Maintainers
Readme
diceware-pass-gen
Generate strong, memorable diceware passphrases from the official EFF large wordlist (7776 words), with the resulting entropy computed and displayed. CLI and library, zero runtime dependencies, cryptographically secure.
A diceware passphrase is built by picking random words from a fixed list. With the 7776-word EFF list, each word contributes log2(7776) ≈ 12.92 bits of entropy, so the default 6-word passphrase carries about 77.5 bits — easy to type and remember, hard to guess.
Why this exists
Random character strings are strong but hard to remember; people end up reusing weak passwords. Diceware passphrases are both strong and memorable. This tool makes the entropy explicit so you can see exactly how strong a passphrase is, instead of trusting a vague "strength meter".
Install
# Run without installing
npx diceware-pass-gen
# Or install globally for the CLI
npm install -g diceware-pass-gen
# Or add as a library
npm install diceware-pass-genRequires Node.js >= 14.
CLI usage
$ diceware-pass-gen
truffle-hazard-rewire-skincare-payback-mascot
entropy: 77.55 bits (6 words from 7776-word EFF list)
$ diceware-pass-gen --words 5 --separator " " --capitalize
Anchor Voucher Mural Reissue Linger
entropy: 64.62 bits (5 words from 7776-word EFF list)
$ diceware-pass-gen -w 7 -n -C 3 -q
unzip-cardboard-shrunk-eclipse-stunt-sappy-zucchini-4
...Options
| Option | Alias | Description | Default |
| --- | --- | --- | --- |
| --words <n> | -w | Number of words | 6 |
| --separator <str> | -s | String between words | - |
| --capitalize | -c | Capitalize the first letter of each word | off |
| --number | -n | Append a random digit at the end | off |
| --count <n> | -C | How many passphrases to generate | 1 |
| --quiet | -q | Print only the passphrase(s) | off |
| --help | -h | Show help | |
| --version | -v | Show version | |
Library usage
const { generate, entropyBits } = require('diceware-pass-gen');
const result = generate({ words: 6, separator: '-', capitalize: false, number: false });
console.log(result.passphrase); // e.g. "truffle-hazard-rewire-skincare-payback-mascot"
console.log(result.entropyBits); // 77.55
console.log(result.words); // ["truffle", "hazard", ...]
// Compute entropy for an arbitrary word count
entropyBits(8); // 103.4 (8 * log2(7776))How it works
- Wordlist: the official EFF large wordlist (7776 words), chosen for memorable, distinct, typo-resistant words.
- Randomness: words are selected with Node's
crypto.randomBytes, using rejection sampling to eliminate modulo bias, so every word is equally likely. There is noMath.random()anywhere in the generation path. - Entropy: reported as
wordCount × log2(7776)bits (pluslog2(10)for the optional trailing digit). This assumes uniform, independent word selection — which is exactly what this tool does.
Choosing a length
| Words | Entropy | Rough guidance | | --- | --- | --- | | 4 | ~51.7 bits | low — only for low-value accounts | | 5 | ~64.6 bits | reasonable for everyday accounts | | 6 | ~77.5 bits | strong, good default | | 7+ | ~90.5+ bits | high-value accounts, master passwords |
Storing your passphrases
A strong passphrase is only useful if you don't reuse it and store it safely. For a hands-on password generator, an explanation of how password strength is measured, and guidance on using a password manager, see PwdFortress:
PwdFortress — Password Generator & strength guidance
Credits
The EFF large wordlist is created by the Electronic Frontier Foundation and released under CC BY 3.0. This project bundles that wordlist unmodified.
