{"id":3959,"library":"diceware","title":"Diceware","description":"Diceware is a Python library and command-line tool for generating secure, memorable passphrases using the Diceware method. It generates passphrases by concatenating words randomly picked from wordlists. The library supports various sources of randomness, including Python's `SystemRandom` by default, and allows for different wordlists, including the EFF wordlist. It also offers options for capitalization and special characters. The current version is 1.0.1, actively maintained with recent updates.","status":"active","version":"1.0.1","language":"en","source_language":"en","source_url":"https://github.com/ulif/diceware","tags":["security","passphrase","diceware","cryptography","wordlist"],"install":[{"cmd":"pip install diceware","lang":"bash","label":"Install with pip"}],"dependencies":[{"reason":"Runtime environment for the library, supports Python 2.7 and 3.4-3.12.","package":"Python","optional":false}],"imports":[{"note":"The primary function for programmatic passphrase generation.","symbol":"get_passphrase","correct":"from diceware import get_passphrase"}],"quickstart":{"code":"from types import SimpleNamespace\nfrom diceware import get_passphrase\n\n# Mimic argparse options for programmatic use\noptions = SimpleNamespace(\n    num=6,          # Number of words (default: 6)\n    caps=True,      # Capitalize words (default: True)\n    specials=0,     # Number of special characters (default: 0)\n    delimiter=\"\",   # Delimiter between words (default: \"\")\n    randomsource=\"system\", # Source of randomness (default: \"system\")\n    wordlist=[\"en_eff\"], # Wordlist name(s) (default: \"en_eff\")\n    infile=None     # Optional custom input wordlist file descriptor\n)\n\npassphrase = get_passphrase(options=options)\nprint(passphrase)","lang":"python","description":"Generate a Diceware passphrase using the `get_passphrase` function by providing an `options` object that mimics `argparse.Namespace`. The example uses default settings for a 6-word passphrase with capitalized words and no special characters or delimiters, leveraging the EFF wordlist and `SystemRandom`."},"warnings":[{"fix":"For maximum security, consider generating passphrases using actual physical dice in combination with the Diceware wordlists, rather than relying solely on computer-generated randomness. The library provides a `RealDiceRandomSource` option for integration.","message":"The default randomness source (`SystemRandom`) is cryptographically strong, but the original Diceware method recommends using physical dice for maximum security, as computer-generated randomness can be susceptible to manipulation reports.","severity":"gotcha","affected_versions":"All versions"},{"fix":"To mitigate reduced entropy, prioritize using wordlists with entries that are a perfect power of the dice sides, or choose longer passphrases.","message":"Wordlists whose number of entries is not a perfect power of the dice sides (e.g., 6^5=7776 for `en_eff`) may have some words 'cut' to fit, potentially reducing the overall entropy and making passphrases slightly easier to guess.","severity":"gotcha","affected_versions":"All versions"},{"fix":"When using custom wordlists, ensure they do not contain words that are prefixes of other words in the list to maintain maximum entropy.","message":"If a wordlist contains 'prefix codes' (where one word is a prefix of another, like 'air' and 'airport'), it can slightly reduce the number of unique combinations and thus the passphrase's entropy.","severity":"gotcha","affected_versions":"All versions"},{"fix":"If disabling capitalization, it is recommended to use a clear delimiter between words (e.g., a space) to preserve entropy and readability.","message":"By default, words are capitalized and no delimiter is used. If both capitalization is disabled (`--no-caps`) and no delimiter is used, the passphrase entropy might be slightly reduced in rare cases where concatenated words could be parsed ambiguously (e.g., 'inputclammy' vs 'in put clam my').","severity":"gotcha","affected_versions":"All versions"},{"fix":"It is highly recommended to use Python 3.x (preferably 3.7+) for all new development and security-sensitive applications.","message":"While the library officially supports Python 2.7, using Python 2.x for security-sensitive applications is strongly discouraged due to its end-of-life status and lack of security updates.","severity":"deprecated","affected_versions":"<= 1.0.1"}],"env_vars":null,"last_verified":"2026-04-11T00:00:00.000Z","next_check":"2026-07-10T00:00:00.000Z"}