Most advice about strong passwords asks you to trust something: trust that your clever substitution is hard to guess, trust that a website's strength meter knows what it is doing, trust that your brain came up with something truly unpredictable. Diceware takes a different approach. Instead of asking you to be random, it lets a pair of ordinary dice do the work, and the result is a passphrase whose strength you can calculate with simple arithmetic.

In this guide you will learn what Diceware is, how the rolling-and-lookup process actually works, where the famous EFF word list comes from, exactly how strong each extra word makes your passphrase, and how many words you really need in 2026. By the end you will be able to make a passphrase you can defend with math rather than hope.

What Is Diceware?

Diceware is a method for generating random passphrases, invented by Arnold Reinhold in 1995. The idea is simple: you roll a die five times, write down the five numbers in order, and look up the matching word in a list of 7,776 words. Repeat that for as many words as you want, string them together, and you have a passphrase.

Why 7,776 words? Because a standard six-sided die has six faces, and five rolls produce 6 × 6 × 6 × 6 × 6 = 7,776 possible combinations. Each word in the list is tied to a five-digit code from 11111 to 66666. Roll 2-1-4-6-3, find the word next to 21463, and that word is now part of your passphrase. The dice, not your imagination, choose it.

The whole point of Diceware is to remove the human from the randomness. People are famously bad at being unpredictable, and attackers know it. Physical dice have no patterns, no favorite words, and no bias.

Why Rolling Dice Beats “Thinking of Something Random”

When you invent a passphrase in your head, you unconsciously lean on familiar phrases, names, dates, and keyboard habits. Attackers exploit exactly these tendencies, which is one reason so many breaches succeed. (We break down the techniques in our guide on how hackers steal passwords.)

Diceware sidesteps this entirely. Because each word is selected by a physical, uniform random process, every possible passphrase of a given length is equally likely. That uniformity is what lets us measure strength precisely using password entropy, the standard way of expressing how many guesses an attacker would need on average.

It also produces something genuinely memorable. A phrase like cargo-ripcord-vivid-truffle-sandbar-zoning is easier to recall than a tangle of symbols, while being far harder to crack. This is the same reason passphrases generally outperform short complex passwords, a trade-off we explore in passphrase vs password.

The EFF Word List: A Modern Upgrade

Reinhold's original list works well but contains some short, obscure, and hard-to-type entries. In 2016 the Electronic Frontier Foundation (EFF) published new word lists designed to be friendlier to humans while preserving the math.

The EFF “long” list keeps the same size, 7,776 words (so it still maps perfectly to five dice rolls), but deliberately favors common, easy-to-spell words and removes confusing or potentially offensive ones. According to the EFF, its long list averages about 7 characters per word and delivers roughly 12.9 bits of entropy per word. EFF also offers two shorter 1,296-word lists (four dice rolls each) for situations where shorter, more distinct words matter more than maximum entropy.

If you ever see Diceware described as giving “12.9 bits per word,” that figure comes directly from log2(7776) ≈ 12.92. It is not an estimate of how memorable the word is; it is the exact information content of one uniformly random pick from 7,776 options.

How Strong Is a Diceware Passphrase? The Numbers

Entropy adds up cleanly with Diceware because each word is independent. The total entropy is simply the bits per word multiplied by the number of words. Here is how that plays out with a 7,776-word list at about 12.9 bits per word:

Words | Approx. entropy | Possible combinations | Practical verdict
4 words | ~51.7 bits | ~3.6 × 10^15 | Okay for low-stakes, throwaway accounts
5 words | ~64.6 bits | ~2.8 × 10^19 | Strong for most everyday accounts
6 words | ~77.5 bits | ~2.2 × 10^23 | Recommended baseline for important accounts
7 words | ~90.5 bits | ~1.7 × 10^27 | Excellent for master passwords and high-value targets

To put 77.5 bits in perspective: even an attacker capable of trillions of guesses per second would need timescales far beyond a human lifetime to exhaust the search space of a six-word passphrase. Our breakdown of how long it would take to crack a password shows why each added word multiplies the workload, rather than just adding to it.

A worked example

Say you roll dice to pick five words and get spleen-rowboat-cactus-mural-thigh (illustrative words). With five independent picks at 12.9 bits each, the passphrase carries about 64.6 bits of entropy regardless of how short or familiar the individual words look. The length of the words is irrelevant to the math; what matters is that each was chosen randomly from 7,776 equally likely options.

How Many Words in a Passphrase Do You Actually Need?

This is the question most people arrive with, and the honest answer is “it depends on what the passphrase protects.” As a general educational guideline based on widely cited security recommendations:

  • Five words (~64 bits) is a reasonable floor for ordinary online accounts, especially when those accounts also have two-factor authentication turned on.
  • Six words (~77 bits) is the commonly recommended target for anything important, and is a sensible default for a password manager's master password.
  • Seven or more words (~90+ bits) is worth the extra typing for the few keys that protect everything else, like a master password or an encryption key.

Notice how second factors change the equation. Even a five-word passphrase becomes dramatically harder to misuse when an attacker also needs a one-time code, which is why pairing a strong passphrase with an authenticator app, rather than SMS codes, is such a powerful combination.

How to Roll Your Own Diceware Passphrase

The classic method needs nothing but dice and a printed copy of a word list:

  1. Get one or more real six-sided dice. Roll five times for the EFF long list (four times for the short lists).
  2. Write the digits in the order rolled, for example 4-2-6-1-3, to form a five-digit number like 42613.
  3. Look up that number on the word list and record the word.
  4. Repeat until you have your target number of words (six is a solid default).
  5. Join the words with spaces or hyphens. Do not reorder them to “make a sentence”, and do not swap out words you dislike, since both choices leak entropy.

A few practical notes. Roll in a way you can see clearly; if a die lands cocked, re-roll it. Generate the passphrase somewhere private. And resist the urge to “improve” the result. Every human edit chips away at the randomness that gives Diceware its guarantee.

What about doing it on a computer?

You do not strictly need physical dice. A trustworthy generator that uses a cryptographically secure random number generator (CSPRNG) produces the same uniform randomness as real dice, with the same per-word entropy. You can create one instantly with our free password & passphrase generator. Physical dice simply give you the comfort of seeing the randomness happen, with no software to trust.
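The rolling-and-lookup steps above and the CSPRNG variant, as an added example that is not code from this guide or from the EFF. It assumes the word list is text with one "five-digit key, whitespace, word" entry per line; the function names are hypothetical, and the embedded list is a constructed stand-in (w11111 ... w66666) so the block runs offline.

```python
import math
import secrets
from itertools import product

DICE_PER_WORD = 5                  # five rolls per word, as for the EFF long list
LIST_SIZE = 6 ** DICE_PER_WORD     # 7,776

def parse_wordlist(text):
    """Parse 'NNNNN<whitespace>word' lines and refuse an incomplete or altered list."""
    table = {}
    for line in text.splitlines():
        if not line.strip():
            continue
        key, word = line.split()
        if len(key) != DICE_PER_WORD or set(key) - set("123456"):
            raise ValueError(f"bad dice key: {key!r}")
        if key in table:
            raise ValueError(f"duplicate key: {key}")
        table[key] = word
    if len(table) != LIST_SIZE or len(set(table.values())) != LIST_SIZE:
        raise ValueError("expected 7,776 unique keys and 7,776 unique words")
    return table

def roll_die():
    # secrets.randbelow uses the OS CSPRNG and is uniform over 0..5 (no modulo bias).
    return secrets.randbelow(6) + 1

def word_from_rolls(table, rolls):
    """Steps 2-3: the digits, in the order rolled, form the lookup key."""
    if len(rolls) != DICE_PER_WORD or any(r not in (1, 2, 3, 4, 5, 6) for r in rolls):
        raise ValueError("need exactly five rolls, each 1-6")
    return table["".join(str(r) for r in rolls)]

def generate(table, n_words=6, sep="-"):
    """Steps 4-5: n independent words, joined in the order they were drawn."""
    return sep.join(
        word_from_rolls(table, [roll_die() for _ in range(DICE_PER_WORD)])
        for _ in range(n_words))

def entropy_bits(n_words, list_size=LIST_SIZE):
    return n_words * math.log2(list_size)

def constructed_wordlist():
    """Constructed stand-in list (w11111 ... w66666); load a real list file instead."""
    keys = ("".join(k) for k in product("123456", repeat=DICE_PER_WORD))
    return "\n".join(f"{k}\tw{k}" for k in keys)

if __name__ == "__main__":
    table = parse_wordlist(constructed_wordlist())
    print(generate(table), f"({entropy_bits(6):.1f} bits)")
```

The same word_from_rolls lookup works for rolls made with physical dice; the parser's completeness check is what catches a truncated or tampered list, which would silently lower the per-word entropy.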

Common Diceware Mistakes to Avoid

  • Reusing the same passphrase everywhere. Even a perfect Diceware phrase becomes a liability if it is shared across accounts. This is one of the classic password mistakes that undoes otherwise good habits.
  • Editing the output. Capitalizing only words you like, dropping “ugly” words, or rearranging them all reduce entropy below the number you think you have.
  • Using too few words for a high-value key. Four words is fine for a forum login, but a master password deserves six or seven.
  • Storing it carelessly. A strong passphrase scribbled on a sticky note is only as safe as that note. For most people, the cleaner long-term home is a reputable password manager, which we evaluate honestly in are password managers safe.
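To put numbers on the "editing the output" mistake, this added example (not part of the original guide) enumerates every passphrase from a constructed toy list and measures the entropy left after two edits. It assumes a 36-word list with 3-word phrases so the space is small enough to enumerate, models reordering as sorting into one fixed order, and models dropping disliked words as re-rolling until none remain; all names are hypothetical.

```python
import math
from collections import Counter
from itertools import product

def shannon_bits(outcomes):
    """Entropy in bits of the distribution formed by equally likely raw results."""
    counts = Counter(outcomes)
    total = sum(counts.values())
    return -sum(c / total * math.log2(c / total) for c in counts.values())

def measure(words, n, disliked=(), reorder=False):
    """Enumerate every n-word roll and apply the owner's edits to each one."""
    results = []
    for phrase in product(words, repeat=n):
        if any(w in disliked for w in phrase):
            continue      # owner re-rolls until no disliked word remains
        results.append(tuple(sorted(phrase)) if reorder else phrase)
    return shannon_bits(results)

# Constructed toy list: 36 "words" (two dice each), small enough to enumerate fully.
WORDS = [f"w{a}{b}" for a, b in product("123456", repeat=2)]

def report():
    return {
        "as rolled": measure(WORDS, 3),
        "reordered": measure(WORDS, 3, reorder=True),
        "6 words vetoed": measure(WORDS, 3, disliked=set(WORDS[:6])),
    }

if __name__ == "__main__":
    for label, bits in report().items():
        print(f"{label:15s} {bits:6.2f} bits")
```

Reordering n words into a fixed order can cost up to log2(n!) bits, which for a six-word passphrase is about 9.5 bits, most of one word's worth.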

Key Takeaways

  • Diceware uses physical dice and a numbered word list to pick words at random, removing human bias from the process.
  • The EFF long word list has 7,776 words, giving about 12.9 bits of entropy per word, and is built to be easy to spell and type.
  • Entropy adds up per word: roughly 64 bits for five words, 77 bits for six, and 90+ bits for seven.
  • For the question of how many words in a passphrase, six is a strong, widely recommended default, with five acceptable for everyday accounts and seven for the keys that matter most.
  • Never edit, reorder, or cherry-pick the words, and pair your passphrase with two-factor authentication wherever you can.

The beauty of Diceware is that it turns a fuzzy worry (“is this password good enough?”) into a calculation you can actually verify. Roll honestly, keep all the words, and you will end up with a passphrase that is both memorable and genuinely hard to break. This article is general educational information, not personalized security advice; choose the length and tools that fit your own risk and needs.