CyduckEST. 2026 Open the dashboard Dashboard
Section I · 05 — Passphrase Generator

Four random words. Stronger than they look.

Made of real words, not random characters — easier to remember, just as hard to crack. Pick a length, a separator, the kind of flourish you want. Generated in your browser, never sent anywhere.

FIG. I — your passphrase
strength
34567
Generated locally · never sent · never stored
FIG. II

Why words beat random characters

memorability

Four random words you can see are easier to remember than twelve random characters that look like noise. Memory loves stories.

entropy

Four words drawn from a 7,776-word list give roughly 52 bits of entropy — more than most 8-character random passwords. Add a fifth word and you're past 65 bits.

the simple truth

Four ordinary words you can picture beat any clever-looking gibberish you can't remember. We're still right about it.

Section III 03 — what to do next

Three habits. Lock them in.

  • № 01
    Save it in a password manager. Even passphrases are easier with a manager. You don't have to type it every time, and you get one safe place for everything else too.
  • № 02
    Use it as your master, not your everyday. Passphrases shine for the one password you actually have to remember — your password manager's master password, your laptop login, your encrypted backups. For the other 100 accounts, generate random passwords. Open Password Generator →
  • № 03
    Pair it with two-factor authentication. Even a perfect passphrase can leak through phishing or keyloggers. 2FA stops most of those takeover attempts cold.
FIG. IV — how this works

A wordlist, true randomness, your browser.

  1. 01
    Pick from a curated list. We use the EFF Long Wordlist — 7,776 words chosen for being easy to remember, hard to confuse, and free of awkward, offensive, or rare entries. The same list password researchers and the EFF recommend.
  2. 02
    Cryptographic random selection. We use window.crypto.getRandomValues() — your browser's own secure random generator — to pick each word independently. No predictable sequences. No repeats from session to session.
  3. 03
    Assemble and serve. We join the words with your chosen separator, optionally capitalize or add a number, and show the result. Nothing is logged. Refresh the page and the passphrase disappears forever.

A 4-word passphrase from this list has roughly 52 bits of entropy. Add a fifth word for 65 bits — past most encryption keys, while still memorable enough to type once or twice a day.

While you're here, strengthen the rest.

Three tools, all browser-only. No accounts. The same instruments behind the Scorer.

№ 04 Password Generator Long, random, locked away. № 06 Password Strength Checker How long would yours actually hold? № 02 Password Breach Checker See if your password is on a leak list.