
Diceware Password Generator

I have a problem with passwords. I take them very seriously and for at least the last 10 years I have been using some type of password manager to manage all my passwords and other critical, personal information.

The problem with this scenario is that for years I have been using password generators, built within the app, to secure my online logins. Why is this a problem? Well… it isn’t per se; the main issue is the Master Password, that is the one password to rule them all, well, mine is rather easy to break.

I’ve often debated with myself around how to solve this problem. To remember a password like :o0{n1$z'4yQ_?2RwW is simply not going to happen. The thing is, in order to be secure you need a password to remember so as to only have it in your head and no physical evidence of it lying around.

And here is where the Diceware Password Generator (DPG) comes into play. DPG uses a word list and “dice” to output an easy-to-remember password based on a sequence of words like boots-imbecile-nextdoor-espresso-cosmetics-remote. While this is a long password, it certainly can be memorised - and quickly.

It turns out that not only is a password like mumbo-giver-alarm-lived-gig-wages-exit easy to memorise, it is over 100 times[1] more secure than this %u}+6:~TY/(8uR[/vB password.

About the Diceware Methodology

Diceware is a method for picking passphrases that uses dice to select words at random from a special list called the Diceware Word List. Each word in the list is preceded by a five digit number. All the digits are between one and six, allowing you to use the outcomes of five dice rolls to select a word from the list[2].

Here is a short excerpt from a Diceware word list:

 16655 clause
 16656 claw
 16661 clay
 16662 clean
 16663 clear
 16664 cleat
 16665 cleft
 16666 clerk
 21111 cliche
 21112 click
 21113 cliff
 21114 climb

Measuring the security of a randomly-generated passphrase is easy. The most common approach to randomly-generated passphrases is to simply choose several words from a list of words, at random. The more words you choose, or the longer the list, the harder it is to crack. Looking at it mathematically, for k words chosen from a list of length n, there are n^k possible passphrases of this type. It will take an adversary about n^k / 2 guesses on average to crack this passphrase.

For most uses, generating a six-word passphrase with a long list is recommended, for a strength of 77 bits of entropy. (“Bits of entropy” is a common measure for the strength of a password or passphrase. Adding one bit of entropy doubles the number of guesses required, which makes it twice as difficult to brute force.) Each additional word will strengthen the passphrase by about 12.9 bits.

Passphrases generated using shorter lists will be weaker than the long list on a per-word basis (10.3 bits/word). Put another way, this means you would need to choose more words from the short list to get comparable security to the long list — for example, using eight words from the short list will provide a strength of about 82 bits, slightly stronger than six words from a long list.
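The word-selection and entropy arithmetic described above, as an added example that is not code from the DPG project: the list excerpt is the one shown earlier (constructed inline rather than read from a downloaded file), five virtual dice rolls are drawn from the operating system's CSPRNG, and rolls that do not land on an entry in the (here very short) excerpt are simply rerolled so every listed word stays equally likely. The entropy helpers reproduce the 77-bit and 82-bit figures from the text. Function names are the example's own.

```python
import math
import secrets

# Constructed excerpt of a Diceware-style list (five-digit index, word).
# The real lists have 7,776 (6^5) or 1,296 (6^4) entries; the lookup is identical.
WORD_LIST_EXCERPT = """\
16655 clause
16656 claw
16661 clay
16662 clean
16663 clear
16664 cleat
16665 cleft
16666 clerk
21111 cliche
21112 click
21113 cliff
21114 climb
"""


def parse_word_list(text):
    """Map 'ddddd word' lines to {index: word}; blank or malformed lines are skipped."""
    table = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 2:
            continue  # blank line or stray text, not an entry
        key, word = parts[0], parts[1]
        if len(key) == 5 and all(c in "123456" for c in key):
            table[key] = word
    return table


def roll_dice(count=5, rng=secrets.randbelow):
    """Simulate `count` six-sided dice with a CSPRNG; returns e.g. '16662'."""
    return "".join(str(rng(6) + 1) for _ in range(count))


def pick_words(table, n_words, roller=roll_dice):
    """Roll until each roll hits a listed index, so selection stays uniform."""
    words = []
    while len(words) < n_words:
        key = roller()
        if key in table:
            words.append(table[key])
    return words


def bits_per_word(list_size):
    return math.log2(list_size)


def passphrase_bits(list_size, n_words):
    """Entropy in bits of n_words chosen uniformly from list_size entries."""
    return n_words * bits_per_word(list_size)


def expected_guesses(list_size, n_words):
    """About n^k / 2 guesses on average, as an exact integer."""
    return list_size ** n_words // 2


def words_for_target(list_size, target_bits):
    """Smallest word count that reaches target_bits from this list."""
    return math.ceil(target_bits / bits_per_word(list_size))


if __name__ == "__main__":
    table = parse_word_list(WORD_LIST_EXCERPT)
    print("-".join(pick_words(table, 3)))
    print("6 long words:", round(passphrase_bits(7776, 6), 1), "bits")
    print("8 short words:", round(passphrase_bits(1296, 8), 1), "bits")
```

Run as a script it prints a three-word passphrase drawn from the excerpt plus the two entropy figures; against the full downloaded list you would pass the file contents to parse_word_list instead of the embedded excerpt.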

Installation

Clone Repo and Download the Word Lists

$ git clone https://github.com/justinhartman/diceware-password-generator.git ~/diceware
$ cd ~/diceware
$ chmod +x download-words
$ ./download-words

This will download five word lists for you to use. They are:

  • Arnold Reinhold’s Beale Diceware word list - The most popular word list is Arnold Reinhold’s Diceware list, first published in 1995. This list contains 7,776 words, equal to the number of possible ordered rolls of five six-sided dice (7776 = 6^5), making it suitable for using standard dice as a source of randomness.
  • EFF’s Long Word List - EFF’s new list matches the original Diceware list in size (7,776 words (6^5)), offering equivalent security for each word you choose. The words in this list are longer (7.0 characters) on average, than Reinhold’s Diceware list (4.3 characters). This is a result of banning words under 3 characters as well as prioritising familiar words over short but unusual words.
  • EFF’s Short, memorable word list - This new list contains only 1,296 words (6^4), suitable for use with four six-sided dice. By reducing the number of words in the list, EFF were able to use words with a maximum of five characters. This can lead to more efficient typing for the same security if it requires fewer characters to enter N short words than N-1 long words.
  • EFF’s Experimental, Short word list. - This short list has a few additional features to the above list, making the words easy to type. Each word has a unique three-character prefix. This means that future software could auto-complete words in the passphrase after the user has typed the first three characters. This list is mostly a proof-of-concept for individual users.
  • Vorvig Word List - The 1/3 million most frequent words, all lowercase, with counts.

Usage

The following first-time commands will get you using the DPG quickly.

$ cd ~/diceware
$ chmod +x passphrase
$ ./passphrase -h

The -h, or --help flag will output all the available options:

# Version: diceware-password-generator 1.0.4
# Release Date: 25 March 2018
# Project: https://justin.hartman.me/projects/diceware-password-generator.html
#
# The author disclaims copyright to this source code. In place of
# a legal notice, here is a blessing:
#
#   - May you do good and not evil.
#   - May you find forgiveness for yourself and forgive others.
#   - May you share freely, never taking more than you give.

Usage:
------
$ ./passphrase [options] [-n] <number of words>

Options:
--------
Every option has a long form along with the short one.
Long options are more convenient to remember but take time to type.

-w, --words     Standard word list (default list)
-v, --vorvig    Vorvig word list
-s, --short     Short, memorable word list
-e, --edit      Short, editable word list. Experimental.
-b, --beale     Beale Diceware word list.
--------------------------------------------------------
-n, --number    Input an integer for the number of words
                you want generated for your passphrase.

Each word list has its own flag (e.g. -v or --vorvig) so you can find the right word list to suit your requirements. Each one is different and you’ll see why when you start generating passwords.

Additionally, there is an optional -n flag which is used to specify how many words you want the DPG to return to you. For example you may want 4 long words (-n 4) or 6 shorter words (-n 6); changing the integer value after the -n flag will return the number you requested. If you omit the flag entirely, the DPG will default to returning 5 words.

Usage Examples

These examples use each of the various word lists and output a certain number of words as specified (or not) with the -n flag.

The following examples are all equivalent to each other and will output five words from the Standard word list.

$ ./passphrase
$ ./passphrase --words
$ ./passphrase -w
$ ./passphrase --words -n 5
$ ./passphrase -w -n 5

Pro Tip: The space between the option accepting an argument and the argument may be omitted. Instead of -n 5 you can write -n5.

$ ./passphrase -w -n5

Pro Tip: You may also put all the options together, like:

$ ./passphrase -wn5

This is completely equivalent to:

$ ./passphrase -w -n 5

No Options

$ ./passphrase
levers-glitter-basics-crate-livestock

Running this without any options will return 5 words from the standard word list.

Standard word list, default number of words (no flag)

$ ./passphrase -w
little-untamed-reflex-result-catnap

Standard word list, requesting 4 words (with flag)

$ ./passphrase -w -n 4
recipient-slouching-caucasian-party

Vorvig word list

$ ./passphrase -v -n 3
insights-liberality-bethania

Short, memorable word list

$ ./passphrase -s -n 6
gong-pulse-life-outer-undo-start

Short, experimental word list

$ ./passphrase -e -n 6
sainthood-gnomish-scenario-upkeep-pauper-sled

Beale Diceware word list

$ ./passphrase -b -n 4
wielder-oomph-mugshot-easel

Known Bug

You will most likely encounter the following error with the beale word list when running $ ./passphrase -b or $ ./passphrase --beale:

Traceback (most recent call last):
  File "./passphrase", line 47, in <module>
    main(sys.argv[1:])
  File "./passphrase", line 10, in main
    beale = [s.split()[1] for s in open(sys.path[0]+'/words-beale')]
IndexError: list index out of range

This happens because the word list has been digitally signed (PGP clearsigned), and you need to remove the clearsign wrapper, the header at the top and the signature block at the end, in order to get it to work correctly.

$ cd ~/diceware
$ nano words-beale

Remove the following on lines 1 and 2, including the blank line on line 2:

-----BEGIN PGP SIGNED MESSAGE-----

Then, remove the actual signature contained at the end of the file:

-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.0
Charset: noconv

iQCVAwUBNX6aTGtruC2sMYShAQGSwAP9F8usVblyi+QEHjxuiltBxT0u6GTHM/Cn
WgT+GYMRBbOMyDqe9KKyO4oryqWLnS83O8L9uLaEBqNXxEDm8KPGBB/l9CSUMCsC
cD1hx8NQ/LpfjgRnngLSVvdjNmECg8OgKom2dht6oVHN8q+FQhmiqmndS72lTSOO
jOuFf/otw7o=
=7B7m
-----END PGP SIGNATURE-----

This should resolve this issue.
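The same fix done in code rather than by hand, as an added example that is not part of the DPG source: a loader that skips a PGP clearsign header (everything up to the first blank line after the BEGIN PGP SIGNED MESSAGE line), undoes clearsign dash-escaping, stops at the signature block, and ignores blank or malformed lines, which is what the `s.split()[1]` in the traceback trips over. The signed sample is constructed inline with a placeholder signature body. Stripping the armor discards the integrity check the signature provides, so verifying the downloaded file first (for example with `gpg --verify`) is the step that keeps that benefit; function names are the example's own.

```python
# Constructed sample of a clearsigned word list. The wrapper lines follow the
# layout of the real file; the signature body is a placeholder, not a signature.
SIGNED_SAMPLE = """\
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

16655 clause
16656 claw
- -- this dash-escaped line is not a word entry
21111 cliche
21112 click
-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.0

PLACEHOLDERSIGNATUREBODY=
=XXXX
-----END PGP SIGNATURE-----
"""

BEGIN_SIGNED = "-----BEGIN PGP SIGNED MESSAGE-----"
BEGIN_SIG = "-----BEGIN PGP SIGNATURE-----"


def strip_clearsign(text):
    """Return the body lines of a clearsigned text; unsigned text is returned as is."""
    lines = text.splitlines()
    if not lines or lines[0] != BEGIN_SIGNED:
        return lines
    i = 1
    # Armor headers such as 'Hash: SHA1' run until the first blank line.
    while i < len(lines) and lines[i].strip():
        i += 1
    i += 1  # skip the blank separator line
    body = []
    for line in lines[i:]:
        if line == BEGIN_SIG:
            break
        # Clearsign escapes body lines that start with '-' by prefixing '- '.
        body.append(line[2:] if line.startswith("- ") else line)
    return body


def load_words(lines):
    """Build {index: word} from 'ddddd word' lines, tolerating junk lines."""
    table = {}
    for line in lines:
        parts = line.split()
        if len(parts) < 2:
            continue  # a blank line here is what raised the IndexError
        if parts[0].isdigit():
            table[parts[0]] = parts[1]
    return table


def load_word_file(path):
    """Load a word list file whether or not it is still clearsigned."""
    with open(path, encoding="utf-8", errors="replace") as fh:
        return load_words(strip_clearsign(fh.read()))


if __name__ == "__main__":
    table = load_words(strip_clearsign(SIGNED_SAMPLE))
    print(len(table), "entries:", ", ".join(sorted(table.values())))
```

Pointing load_word_file at the downloaded words-beale file returns the word table directly, with or without the manual edit above, and a list that was never signed passes through strip_clearsign untouched.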

License

The original Diceware software is Copyright © 2018 Alexey Shamrin and is licensed under The MIT License (MIT).

I believe I’ve made substantial enough changes to the original source code that I am going to release this version of the software to the public domain.

#
# The author disclaims copyright to this source code. In place of
# a legal notice, here is a blessing:
#
#   - May you do good and not evil.
#   - May you find forgiveness for yourself and forgive others.
#   - May you share freely, never taking more than you give.
#

This doesn’t change the copyright or license of the original Diceware software, and a copy of the original source code is contained in the first commit of this repo.

Release Notes

There is a dedicated page which documents the changes made to the Diceware Password Generator as well as all the release notes for the software. You can view this page by clicking here.

Credits

Footnotes

  1. I don’t actually know if this is accurate but it sounds impressive. Whether accurate or not, the DPG creates passwords that are extremely secure, all thanks to entropy. 

  2. This is accurate for the original word list created by Arnold G. Reinhold as well as the long word list supplied by the EFF. The other shorter word lists are not all between one and six digits nor are they necessarily preceded by a five digit number. 
