Diceware Passphrase Entropy Calculator
A Diceware passphrase is built from randomly chosen words, so its strength is the entropy it carries: word count times the base-2 logarithm of the wordlist size. The classic 7,776-word list gives about 12.92 bits per word. This calculator returns the total entropy, the number of possible passphrases, and an average offline crack time for a guess rate you choose. Entropy only holds if each word was selected uniformly at random with dice or a secure generator, never by personal choice.
Diceware entropy formula
Bits per word = log2(wordlist size)
Entropy bits = word count * bits per word
Possible passphrases (log10) = entropy bits * log10(2)
Average crack seconds = 2^(entropy bits - 1) / guesses per second
Average crack years = crack seconds / 31,557,600
The keyspace is 2 to the entropy bits; on average an attacker tries half of it, hence the minus one. A Julian year is 31,557,600 seconds.
Diceware context
- The classic Diceware list holds 7,776 words (6 to the power 5), giving about 12.92 bits per word.
- Six words give about 77.5 bits; seven about 90.5; eight about 103.
- Entropy only holds if words are chosen uniformly at random, with dice or a secure generator.
- Online attacks are throttled and slow; the large guess rates here model offline attacks on a stolen hash.
- Adding more random words is the cleanest way to raise strength.
Diceware passphrase: frequently asked questions
What is Diceware?
Diceware is a method for building strong passphrases by rolling physical dice to pick random words from a fixed list. The classic list holds 7,776 words, which is 6 to the power 5, so five dice rolls select one word. Each word from a 7,776-word list contributes log2(7,776), about 12.92 bits of entropy.
How is passphrase entropy calculated?
Entropy in bits equals the word count multiplied by the base-2 logarithm of the wordlist size. A six-word Diceware passphrase from the 7,776-word list carries 6 times 12.92, about 77.5 bits. Entropy assumes each word was chosen uniformly at random, which is why you must use dice or a secure generator, not your own judgement.
How many words is enough?
The classic Diceware guidance suggested six words for personal use and more for high-value secrets. Six words give about 77.5 bits, seven give about 90.5, and eight give about 103. For protecting against well-funded offline attackers, aim for at least the high 70s in bits and ideally beyond 90.
How is crack time estimated?
Average crack time is half the keyspace divided by the attacker's guess rate. The keyspace is 2 to the entropy bits. With 77.5 bits and an attacker doing one trillion guesses per second, the average time is enormous. Enter a realistic offline guess rate for your threat model; online services are far slower.
Does word order or capitalization add entropy?
Order is already counted because each position is an independent random word. Adding capitalization or symbols on top can add a little entropy, but only if applied randomly. The clean and reliable way to increase strength is simply to add more randomly chosen words.
Official sources
- NIST: SP 800-63B Digital Identity Guidelines.
- NIST: Computer Security Resource Center: entropy glossary.
Reviewed by the CalculatorHub team, edited by James Graham, 17 June 2026. See our methodology.