Passphrase Generator
Memorable Diceware-style passphrases from a 320-word curated list. Cryptographically random, with live entropy and crack-time display. Runs in your browser.
Strength: fair
- Wordlist: 320 words
- Entropy: 49.9 bits
- Crack time: ~15 hours
Crack time assumes an offline attacker making 10¹⁰ guesses/sec against a fast hash.
How to generate a memorable strong passphrase
Pick a word count (6 = strong, 8 = very strong, 10+ = over-built for any realistic threat). Pick a separator and case style — hyphens are universally accepted; Title Case sometimes satisfies legacy complexity rules. ToolChop picks each word independently using crypto.getRandomValues, the browser's cryptographically secure random source. The strength panel shows the resulting entropy in bits and a conservative offline crack-time estimate. Generate 1, 5, 10, or 25 at a time and pick whichever rolls off the tongue.
Why passphrases beat gibberish passwords
cedar-amber-banjo-violet-bridge-cactus is both easier to remember and faster to type than X3#kP9!mZ@aR — and at equivalent character length they have similar entropy. The classic xkcd 936 insight is exactly this: random words from a list give you usable strength. The math is the same as Diceware (Arnold Reinhold, 1995, refined by EFF).
Why a local generator matters for credentials
Passphrases are credentials. A server-side generator has, by construction, seen every passphrase it produced. A site with a 'history' feature has logged them. A CDN with caching could disclose them through caching mishaps. ToolChop generates locally — the passphrase exists in exactly one place: your clipboard, until you paste it into your password manager.
What you can do
- 3–15 words from a curated 320-word common-English list
- Hyphen, underscore, period, space, or no separator
- Lower, Title, or UPPER case
- Optional appended digit to satisfy complexity rules
- Live entropy and crack-time display
- Generate 1, 5, 10, or 25 at once; copy any single or all
Frequently asked questions
How do I generate a strong memorable passphrase online for free?
Pick a word count (6 = strong, 8 = very strong, 10+ = over-built), separator, and case. ToolChop picks each word from a 320-word curated list using crypto.getRandomValues — the same cryptographically secure source password managers use. The strength panel shows entropy in bits and an estimated offline crack time. Generate 1, 5, 10, or 25 candidates and pick whichever rolls off the tongue. No account, no upload, no daily limit.
Why are passphrases better than gibberish passwords?
Two reasons. (1) Memorability: 'cedar-amber-banjo-violet-bridge-cactus' is far easier to remember and type accurately than 'X3#kP9!mZ@aR'. (2) Equivalent strength at the same length: 6 random words from a 320-word list = ~50 bits of entropy, which equals 9 characters of mixed-case + numbers + symbols — but the words are vastly more usable. This is the classic 'xkcd 936' insight.
Does ToolChop send the passphrases to a server?
No. Word picking happens entirely in your browser with crypto.getRandomValues. Passphrases are never transmitted, never logged, never persisted in localStorage. You can verify in DevTools → Network that no request fires when you click Generate.
Why is the privacy story for a passphrase generator important?
Because passphrases ARE the credential. A server-side 'passphrase generator' has, by construction, seen every passphrase it produced. A site with a 'history' feature has logged them. A CDN with caching could disclose them. ToolChop generates locally so the passphrase exists in exactly one place: your clipboard, until you paste it into your password manager.
What is Diceware?
Diceware is a method invented by Arnold Reinhold in 1995: roll physical dice to pick random words from a list, then concatenate them into a passphrase. The genius is that each word is independent and uniformly random, so the entropy math is simple and provable. The EFF maintains modern Diceware wordlists that have become the standard for memorable strong passphrases.
How big is ToolChop's wordlist?
320 common English words, 3–7 letters each, hand-curated for typing ease. log2(320) ≈ 8.32 bits per word. 6 words ≈ 50 bits, 8 words ≈ 67 bits, 10 words ≈ 83 bits. Smaller than the standard 7,776-word EFF list, but with shorter words and simpler typing.
How many words should I use?
Treat the bits/crack-time as the source of truth. For most accounts (an email, a banking login that uses a slow KDF on the server), 6–7 words is plenty. For an offline-decryption secret like a vault master password or disk encryption, 8+ words is the right floor. For paranoid uses, 10–12 is fine.
Why is the entropy lower than 'X bits per word × N'?
It is not — the displayed bits are exactly log2(320) × words, assuming each word is independently uniformly sampled (which crypto.getRandomValues guarantees). The estimate is conservative because real attackers do not always know the exact alphabet you used; if they do, this is your floor.
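Added example, not ToolChop's own code: a sketch of the word picking and strength math described above, using rejection sampling because mapping a 32-bit value from crypto.getRandomValues onto 320 words with a bare modulo is slightly biased (2³² is not a multiple of 320). Assumptions: the function names are hypothetical, WORDS is a constructed 8-word stand-in for the real list, and crack time is taken as the expected time to search half the keyspace, which reproduces the ~15 hours shown for 6 words.

```javascript
// Constructed 8-word stand-in for the page's 320-word list (assumption).
const WORDS = ["cedar", "amber", "banjo", "violet", "bridge", "cactus", "maple", "ember"];

// One uniformly random 32-bit integer from the Web Crypto API (browsers, Node 19+).
function secureUint32() {
  const buf = new Uint32Array(1);
  globalThis.crypto.getRandomValues(buf);
  return buf[0];
}

// Uniform index in [0, n) by rejection sampling. A bare `value % n` favours
// low indexes whenever 2^32 is not a multiple of n (2^32 mod 320 = 256).
function uniformIndex(n, nextUint32 = secureUint32) {
  const RANGE = 2 ** 32;
  const limit = RANGE - (RANGE % n); // largest multiple of n that fits in 32 bits
  let v;
  do {
    v = nextUint32();
  } while (v >= limit); // discard the short tail and draw again
  return v % n;
}

// Each word is drawn independently, so per-word entropy simply adds up.
function generatePassphrase(wordCount, words = WORDS, sep = "-", nextUint32 = secureUint32) {
  const picked = [];
  for (let i = 0; i < wordCount; i++) {
    picked.push(words[uniformIndex(words.length, nextUint32)]);
  }
  return picked.join(sep);
}

// Entropy in bits: words * log2(listSize), plus log2(10) for an appended digit.
function entropyBits(listSize, wordCount, withDigit = false) {
  return wordCount * Math.log2(listSize) + (withDigit ? Math.log2(10) : 0);
}

// Expected seconds for an offline attacker to search half the keyspace.
function expectedCrackSeconds(bits, guessesPerSecond = 1e10) {
  return 2 ** bits / 2 / guessesPerSecond;
}
```

Pass the real 320-word array as `words` to get the figures on this page; `entropyBits(320, 6)` gives the 49.9 bits shown in the strength panel.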
What about adding a random digit?
The 'append a random digit' option adds ~3.3 bits of entropy (log2 10) and satisfies password-complexity rules that demand a number. It is barely measurable security-wise: one extra word adds roughly 2.5× as much. Use it when you have to meet a rule, not for genuine strength.
Should I worry about word combinations sounding like common phrases?
No — because the words are independently random. The chance of picking a recognizable phrase like 'red-rose-pretty' is vanishingly small, and even if you did, attackers cannot exploit that without bypassing the entropy math. Each word selection is uniform regardless of context.
Why is the separator option useful?
Some target systems disallow spaces, others require special characters. Hyphens are universally accepted and easy to type. Spaces produce the most readable form ('cedar amber banjo violet'). Periods or underscores satisfy some legacy systems. No separator is the most compact but worst for memorability.
Should I store the generated passphrase anywhere?
In a password manager (1Password, Bitwarden, KeePass, your OS keychain) for non-memorized credentials. Master passphrases (the one that protects everything) should be memorized — that is the entire point of choosing a memorable format. ToolChop deliberately does not save generated passphrases; once you regenerate, they are gone from this page.
Why use ToolChop instead of another passphrase generator?
Many run on a server (and therefore see the passphrase they generate), persist a history feature (and therefore log it), or rely on Math.random — which is not cryptographically secure. ToolChop uses crypto.getRandomValues in your browser, shows the entropy math explicitly, and never transmits anything. You can confirm in DevTools → Network that no request fires.