Here’s How to Use Dice to Create an Unhackable, Easy-to-Remember Passphrase

Even the NSA won’t be able to break it.

30 MAR 2015

Forget using your first crush’s name with a few of the 'a's swapped for @ signs. If you really want to keep your information secure, the best way is to come up with a passphrase - a string of several words that is much harder for someone to hack than a simple password.

But the problem with passphrases is that, in order to be able to memorise them, we often end up making them from our favourite literature or TV quotes, which means hackers and their supercomputers can easily guess them. However, technology journalist Micah Lee over at The Intercept has now discovered a far better solution. And all you need is some dice.


The method Lee describes is called the “Diceware” technique, which is based on a 37-page list of words that each correspond to a five-digit number. To come up with your passphrase, all you need to do is roll your dice enough times (depending on how many you're using) to come up with five completely random numbers. Read in order, these five numbers form the five-digit number that tells you the first word of your passphrase. Repeat this process until you’ve got a passphrase that’s seven words long, which according to Lee is what you need in order to overwhelm Chinese hackers and the NSA.

"What you’re doing here is generating entropy, extracting true randomness from nature and turning it into numbers," writes Lee over at The Intercept.

You’ll end up with something that looks like "bleak grout had zen ulcer thorny snag" that you can keep in your wallet and recite over and over again until you have it down. And although that sounds like a mouthful to memorise, it’s a whole lot easier than trying to remember a random string of numbers, symbols and letters, such as d07;oj7MgLz’%v. 

It's more secure, too. If you use a seven-word passphrase, as recommended by Lee, there’s only a one in 1,719,070,799,748,422,591,028,658,176 chance that someone could randomly pick your passphrase from the Diceware word list. Imagining that a computer is making one billion guesses per second of your password - as Edward Snowden warned us hackers are capable of in January 2013 - it would still take an average of 27 million years for them to guess your passphrase, Lee calculates.
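The roll-to-word lookup and the seven-word figure above, worked through as an added example (this is not code from the article or from Lee). The function names are hypothetical, the word list is a constructed placeholder standing in for the real 37-page list, and the "five-digit key, whitespace, word" line layout is an assumption.

```python
import itertools
import math
import secrets

DICE_PER_WORD = 5  # five rolls select one word, as described above

def load_wordlist(lines):
    """Parse 'NNNNN<whitespace>word' lines and check every roll has exactly one word."""
    table = {}
    for line in lines:
        key, word = line.split()
        if key in table:
            raise ValueError(f"duplicate key {key}")
        table[key] = word
    expected = {"".join(p) for p in itertools.product("123456", repeat=DICE_PER_WORD)}
    if set(table) != expected:
        raise ValueError("word list does not cover every possible roll exactly once")
    return table

def words_from_rolls(rolls, table):
    """Turn a string of physical dice results (digits 1-6) into passphrase words."""
    digits = [c for c in rolls if not c.isspace()]
    if any(d not in "123456" for d in digits):
        raise ValueError("each roll must be a digit from 1 to 6")
    if not digits or len(digits) % DICE_PER_WORD:
        raise ValueError(f"need a multiple of {DICE_PER_WORD} rolls")
    keys = ["".join(digits[i:i + DICE_PER_WORD]) for i in range(0, len(digits), DICE_PER_WORD)]
    return [table[k] for k in keys]

def software_rolls(n_words):
    """Stand-in for real dice: the OS CSPRNG, not the physical randomness the article describes."""
    return "".join(str(secrets.randbelow(6) + 1) for _ in range(n_words * DICE_PER_WORD))

def keyspace(n_words):
    """Number of equally likely passphrases of n_words words."""
    return (6 ** DICE_PER_WORD) ** n_words

# Constructed placeholder list: the real list pairs each key with an English word.
SAMPLE_LIST = [f"{''.join(p)}\tw{''.join(p)}" for p in itertools.product("123456", repeat=5)]

if __name__ == "__main__":
    table = load_wordlist(SAMPLE_LIST)
    rolls = "16653 42146 31225 66512 54321 11111 23456"  # constructed sample rolls
    print(" ".join(words_from_rolls(rolls, table)))
    print(f"{keyspace(7):,} possibilities, {math.log2(keyspace(7)):.1f} bits")
```

The coverage check in `load_wordlist` matters because a list with missing or duplicated keys makes some rolls unusable or some words more likely, which shrinks the keyspace below the figure quoted above.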

But by the time they get even close to cracking it, we’ll hopefully all have moved on from passwords and passphrases and be using quantum entanglement to secure our information. Or if all else fails, maybe we can just start writing our secrets (and bank details) in blood on edible paper to make sure they really stay hidden. After all, it is 2015, and apparently nothing is safe.

Find out more about the technique over at The Intercept, and hurry up and make your life more secure.

Source: The Intercept
