The secrecy of your master password must survive you,
and its strength must hold against adversaries
that are ready to spend substantially every year to eventually crack it.
The default values below
correspond to twice the longest-living person to date,
and to the yearly budget of the NSA.
Expected time left to live: years.
Yearly budget of adversaries:
The password is generated locally on your computer.
The webpage does not store nor transmit it elsewhere.
There are a few constraints for you to trust it:
You must trust me (admittedly, the harder step). I claim to have not put
anything malicious in
and I believe there are no mistakes in the implementation of the algorithms.
However, I disclaim any express or implied warranty or liability
from the use of this page or software.
I will not give write access to the website’s code to anyone,
so at least you only need to trust a single person.
You must trust Github
to deliver the website’s content correctly and securely.
If Github is malicious,
it could server a different page that sends the passphrases somewhere.
If Github is incompetent,
the TLS connection used to secure the transmission could be tampered with
by a malicious actor that inserts encrypted content
to send passphrases to them.
You must trust your Web browser.
It has access to all that you see in your window and more.
Additionally, we rely on the JS cryptographic primitives it provides,
so if the software is badly written,
it may yield faulty randomness;
and if the tab separation is weak,
other webpages in the browser
might be able to extract information from this page.
You must trust your operating system and hardware,
from the CPU to the RAM.
To be fully honest, even then, I tend to be extra cautious when generating
passwords. I load the page from a fresh OS (typically booted from a live USB),
I verify the source code, I disconnect and Faraday-cage the computer;
only then do I generate the passphrase, and once the password memorized,
I shut down the laptop without reconnecting to the Internet and scrub all
remains of the OS.
Want to understand the computation?
It is detailed in