Fork me on GitHub

DicePass - Random Passphrase Generator

DicePass generates a (rather) secure password phrase that you can use a strong password.

It uses a concept of throwing a dice to generate a number that map into words and is based on EFF's Dice.

How does EFF's Dice work?

EFF's dice passphrase works by throwing a dice 5 times (or 5 dices at the same time) to generate a 5 digits number (from 11111 to 66666). That number is then mapped to a preprepared word list (such as this one) and produces one word.

Repeating this process 6 times produces 6 words which combined generates a passphrase of about 2⁷⁷ (that's 221073919720733357899776) alternatives. Quite a lot indeed.

How does DicePass rolls the dice?

In newer browsers DicePass uses a new JavaScript API for Pseudo Random Number Generation (PRNG) called crypto.getRandomValues. In newer browsers this PRNG uses the operating system's PRNG and produces cryptographically safe pseudo random numbers.

DicePass then takes these numbers and runs them through the Modulo 6 to mimc the 6 digits on a dice.

For older browsers DicePass uses Javascript's Random - which is OK, but does not guarantee cryptographically sound pseudo random numbers.

Is this site secure? Will it steal my passphrase?

Everything running to produce your passphrase runs only on your local browser.

There is no server side request invovled. We DO NOT store any cookies on the browser and the whole project is open sourced.

Even the option of "Speaking" the passphrase to you uses a JavaScript project that produces everything locally on your browser.

We do not run analytics or use the standard Tweet and Like buttons so that there will be no 3rd party services tracking you whatsoever.