Correct horse

This tool generates a passphrase from a specified word list. Passphrases are demonstrably more secure and more memorable than a password "randomized" with the usual naive tricks (letter substitutions, numbers, exclamation marks).

Entropy

The correct metric for the security of a randomly generated password is its entropy, that is, the base-2 logarithm of the size of the pool of equally likely passwords it was drawn from.

As formulated by Auguste Kerckhoffs, a cryptosystem should remain secure even if everything but the key is public knowledge. Likewise, a password should remain secure even if the attacker knows your method of choosing it. Naive passwords that depend on personal data (names, dates) trivially fail this test, but even an ostensibly good password (like correct horse battery staple) can be weak if the words are picked by a human, because humans are bad at generating randomness.

The minimum entropy of your password can be approximated as a sum of several binary logarithms:

For example, if I want an attacker who can guess a thousand times per second to have no more than a one in a thousand chance of guessing correctly in 8 years, I would add 10 (guesses per second) + 10 (inverse of the acceptable chance of success) + 25 (roughly the seconds in a year) + 3 (years) to get a minimum entropy of 48 bits.

Note: Do not focus obsessively on the difficulty of brute-forcing. The biggest risk to your password's security is you. Avoid storing it in clear text, avoid entering it on devices you do not control, and avoid using similar passwords on different systems (even at different times). Do not let your device get compromised, and never let a third-party service access your account with your password.

Format

Many systems use incompetently written password authentication and therefore do not allow passwords to contain spaces; others enforce security-theater policies such as requiring mixed case or numbers, or actively sabotage security by limiting the maximum length.

My suggestion for the first problem is to set the delimiter to some other character (like . or -, which also takes care of the fourth problem), for the second to capitalize the first letter of each word (an easily memorable rule) or append 1! (pronounced "FU"), and for the fifth to completely refuse to use that system if at all possible.

Security

This is a client-only utility whose source is available at password.js. For particularly sensitive cases, I would recommend auditing the code and adapting it to run locally, outside the browser, so that its output cannot be leaked by browser extensions.

Credits

Word list provided by Word frequency data.