New password

I needed to generate a new serious password so I decided to try to out the old Diceware / xkcd idea of a phrase made of nonsense words. I took inspiration from this article (as seen on Metafilter). I ended up using the Diceware list along with this Python generator. I probably could have just used this Diceware Javascript generator but some irrational part of me trusted a Python program installed on my own machine via pip more than a Javascript page.

Why not use the big list that xkcdpass has? Because it has too many obscure words (“filariae”). What’s nice about Diceware is it has a list of just 7776 short common words. According to that Javascript generator 6 Diceware words has 77 bits of entropy, which is good for 3500 years against an attacker making a trillion guesses a second.

The best thing about these long passphrases is they are easy to type on mobile keyboards. The whole l33+ thing we still childishly do is murder on an iPhone.