Add an ability to generate diceware passphrases

I found this feature request but it’s not the same. Pronounceable random characters and diceware passphrases are a different thing. The latter are dictionary words selected at random and separated by some character (usually whitespace) - it makes them really easy to enter and remember while giving a high degree of security.

Here’s a page explaining it: xkcd Password Generator

Please do add this request as I would love to be able to generate passphrases from the browser plugins and app.

I came here through the deprecated github threads, and this was the request most matching what I was looking for when searching.

In github it was: https://github.com/bitwarden/mobile/issues/14

I’ll add my vote to this request.
Usecase: I’d really like it when for example logging into a service on my PS4 or Nvidia Shield where bitwarden isn’t available, and I’d rather type a few recognizable words than 30+ random characters.

1 Like

Voted. This definitely needs to be a thing!

Example:

[email protected]!4 has an entropy of 68.678 but is a HUGE PITA when entering in manually (Netflix, Xbox, etc.)

RedBrickWhiteHorseBlackShip1! has an entropy of 71.854 meaning it is more secure than the other password but also WAY easier to look at it once and enter it into whatever system is required.

There’s literally no downsides but also a lot of upsides. As someone who works in IT, most average folks would much rather use passphrases than passwords that are abnormal for our brains to be able to remember. Once they are taught that passphrases are more secure and more usable, I have had great success with acceptance of that standard.

This would help all of us going forward, but also would help average users using Bitwarden to change the way they think about passwords/passphrases elsewhere in their lives.

2 Likes

I, personally, use https://xkpasswd.net/s/, but it’d be great to have it integrated with BW.

1 Like

@kspearrin I would like to try to implement this one. Do you have recommendations or should I just shoot a (probably bad) PR as a basis and we discuss there?

I think this would actually be great to use with those “security” questions that sites ask for in case you lose your password. Usually the questions are easily-guessable and/or easy to social engineer. Having BW give you nonsense phrases to put there would help security and still be able to be spoken to any person who can help reset your password.

Good news, this was added into bitwarden (cf github pr) !
I guess it will be in the next release.

2 Likes

That’s great!
Now the next thing I hope for is to have those passphrase lists in different languages because English is not my first language.

1 Like

Great! Thank you.

This is in the next release for various apps.