Passphrase Generator
Memorable, high-entropy word passphrases. Nothing leaves your browser.
How to use it
- Pick a word count. Six or seven words is the sweet spot between memorability and strength.
- Choose a separator your target site accepts. Hyphens are safe almost everywhere.
- If a site demands a digit or symbol, toggle those on. The result still reads as words.
- Read the passphrase out loud once or twice to commit it to memory before pasting it into your password manager.
Frequently asked questions
Why use a passphrase instead of a random password?
Passphrases pair high entropy with human memorability. Four to seven random common words are far easier to remember than a 16-character mixed string and, with enough words, just as hard for attackers to guess.
How many words should I use?
Six or seven words from a multi-thousand word list is the modern recommendation for sensitive accounts. A seven-word passphrase from our 1879-word list gives roughly 76 bits of entropy, comparable to a six-word Diceware passphrase.
Are the words really random?
Yes. Word selection uses crypto.getRandomValues from the Web Crypto API with rejection sampling to avoid modulo bias. There is no predictable seed.
Should I add numbers or symbols?
It is not strictly necessary if you use enough words, but many sites require at least one digit and one symbol. The optional add-ons here satisfy those rules without harming memorability.
Is the passphrase sent to a server?
No. Everything happens locally in your browser. Nothing is uploaded, logged, or stored by ChrysoKit.
Advertisement