About DicePass

DicePass is all about making strong passwords that are easy to use.

I strongy believe that password security starts with making strong and unique passwords for each of the online services you use. For example, your bank account password should be different from the passwords of other financial services you might use like PayPal or a credit card.

Passphrases and not Passwords

I also advocate using passphrases rather than passwords. Why? Passphrases, groupings of words to make a phrase, encourage more variation in the actual content of the password/phrase and are much easier to remember and type without error than random strings of letters and numbers. If you are interested in reading further, see this article from The Verge. There is a great xkcd comic about this.

How Does DicePass Work?

DicePass works by taking a list of English words and randomly selecting from the list to form a passphrase. The passphrase can be adjusted by choosing how many words to use, choosing capitlization or adding numbers or punctuation to the phrase.

The list of words I use is based on a variety of sources. As a result, the list has modern words, slightly archaic words and both American and British spellings. Currently, the list contains over 10,000 words.

The key to making the word list picks be random is to use a strong random number generator. DicePass uses a cryptographically strong random number generator that gets initialized with highly random initial states.

Can I Create Passphrases by Hand?

You can! The original passphrase concept was to use a list of words and then throw dice to pick a word from the list. There are lists available if you want to create passphrases directly. You might choose to do this if you did not trust third-party software to either provide unbiased random results or did not trust that your passphrase would not be saved. For more on doing passphrases by hand, check out the Electronic Frontier Foundation (EFF) page on dice-generated passphrases.

Does DicePass Store Passphrases?

No, DicePass does not store the generated passphrases and you don't need to create a login account. This means you can generate passwords using the site and not worry about having any record to tie your passphrases to your personal information such as name, email or phone number. Please note that the site does use web traffic analysis tools. Please review the Terms of Service and Privacy Policy for more details.