# What is a Passphrase?

> A passphrase is a password made of multiple random words. It is easier to remember than character soup and, with enough words, harder to crack.

- URL: https://www.browserutils.dev/glossary/passphrase
- Published: 2026-07-03
- Updated: 2026-07-02

---

**A passphrase is a password made of multiple words**, usually four or more, drawn from a wordlist or a dictionary. Instead of `Tr0ub4dor&3`, you get `correct horse battery staple`. The idea, popularized by [a 2011 xkcd comic](https://xkcd.com/936/) and earlier by Arnold Reinhold's diceware method, is that human memory is much better at storing words than at storing arbitrary character strings — and a long sequence of random words has more entropy than the kind of password people actually pick.

## Why passphrases beat passwords

Password strength is measured in **bits of entropy** — roughly, the log₂ of the number of guesses an attacker would need to enumerate every possibility. A typical 8-character password (lowercase + uppercase + digits + symbols, ~94 character set) tops out around 52 bits of entropy *if it's truly random*. Most user-chosen 8-character passwords are far weaker, because they contain patterns, dictionary words, dates, or common substitutions.

A passphrase generated from a 7,776-word list (the standard EFF/diceware wordlist) gets about **12.9 bits of entropy per word**. Stack words and the entropy adds up:

| Words | Entropy   | Time to brute-force at 1 billion guesses/sec |
|-------|-----------|-----------------------------------------------|
| 3     | ~38 bits  | ~5 minutes                                    |
| 4     | ~51 bits  | ~26 days                                      |
| 5     | ~64 bits  | ~600 years                                    |
| 6     | ~77 bits  | ~5 million years                              |
| 7     | ~90 bits  | ~40 billion years                             |

Six words is the modern recommendation for high-value accounts. Four is the floor for general use, and only if every word is genuinely random — humans cannot pick "random" words on their own.

## The diceware method

Diceware, invented by Arnold Reinhold in 1995, is the canonical way to generate a passphrase: roll five physical dice for each word, look up the resulting five-digit number in a 7,776-entry wordlist, and write down the word. Repeat until you have enough words. Software passphrase generators do the same thing with a cryptographically secure random number generator instead of physical dice.

The two most common wordlists are:

- **The original diceware list** — short, sometimes obscure words
- **The EFF long wordlist** — 7,776 common, easy-to-type words selected for memorability and lack of confusing homophones

Either gives the same per-word entropy. The EFF list is friendlier for humans.

## Passphrase examples

A randomly generated 6-word EFF passphrase looks like:

```
plunder reroute roving juvenile reset prankish
```

That's strong, memorable enough to learn after a few repetitions, and trivially typed on mobile. Compare to `xK7$mQ!2bR`, which has half the entropy and is much harder to type or remember.

## Common mistakes

- **Picking words yourself.** Human-chosen "random" words cluster around common nouns and lose most of their entropy. Always use a generator.
- **Adding common substitutions.** Tacking `!1` onto the end of `correct horse battery staple` adds almost no entropy because attackers know to check that pattern.
- **Reusing the same passphrase across sites.** A breach at one service exposes everywhere you used it.
- **Using fewer than 4 words.** Three words from a 7,776-word list is only 38 bits — modern hardware brute-forces that in minutes.
- **Stripping the spaces.** `correcthorsebatterystaple` is fine for entropy but harder to remember chunk-by-chunk.

## When to use a passphrase vs a random password

Passphrases are the right choice for **passwords you actually have to remember and type** — your password manager's master password, full-disk encryption, your machine login, your SSH key. For everything else, your password manager should generate and store a long random character string per account; you don't need to memorize those.

Generate a passphrase with the [Passphrase Generator](/tools/passphrase-generator), or generate a random character password for password-manager entries with the [Password Generator](/tools/password-generator). Test the strength of any password or passphrase with the [Password Strength Checker](/tools/password-strength-checker).