Diceware

1.0.1 · active · verified Sat Apr 11

Diceware is a Python library and command-line tool for generating secure, memorable passphrases using the Diceware method. It generates passphrases by concatenating words randomly picked from wordlists. The library supports various sources of randomness, including Python's `SystemRandom` by default, and allows for different wordlists, including the EFF wordlist. It also offers options for capitalization and special characters. The current version is 1.0.1, actively maintained with recent updates.

Warnings

gotcha The default randomness source (`SystemRandom`) is cryptographically strong, but the original Diceware method recommends using physical dice for maximum security, as computer-generated randomness can be susceptible to manipulation reports.
Fix: For maximum security, consider generating passphrases using actual physical dice in combination with the Diceware wordlists, rather than relying solely on computer-generated randomness. The library provides a `RealDiceRandomSource` option for integration.
gotcha Wordlists whose number of entries is not a perfect power of the dice sides (e.g., 6^5=7776 for `en_eff`) may have some words 'cut' to fit, potentially reducing the overall entropy and making passphrases slightly easier to guess.
Fix: To mitigate reduced entropy, prioritize using wordlists with entries that are a perfect power of the dice sides, or choose longer passphrases.
gotcha If a wordlist contains 'prefix codes' (where one word is a prefix of another, like 'air' and 'airport'), it can slightly reduce the number of unique combinations and thus the passphrase's entropy.
Fix: When using custom wordlists, ensure they do not contain words that are prefixes of other words in the list to maintain maximum entropy.
gotcha By default, words are capitalized and no delimiter is used. If both capitalization is disabled (`--no-caps`) and no delimiter is used, the passphrase entropy might be slightly reduced in rare cases where concatenated words could be parsed ambiguously (e.g., 'inputclammy' vs 'in put clam my').
Fix: If disabling capitalization, it is recommended to use a clear delimiter between words (e.g., a space) to preserve entropy and readability.
deprecated While the library officially supports Python 2.7, using Python 2.x for security-sensitive applications is strongly discouraged due to its end-of-life status and lack of security updates.
Fix: It is highly recommended to use Python 3.x (preferably 3.7+) for all new development and security-sensitive applications.

Install

pip install diceware Install with pip

Imports

get_passphrase
```
from diceware import get_passphrase
```
The primary function for programmatic passphrase generation.

Quickstart

Generate a Diceware passphrase using the `get_passphrase` function by providing an `options` object that mimics `argparse.Namespace`. The example uses default settings for a 6-word passphrase with capitalized words and no special characters or delimiters, leveraging the EFF wordlist and `SystemRandom`.

from types import SimpleNamespace
from diceware import get_passphrase

# Mimic argparse options for programmatic use
options = SimpleNamespace(
    num=6,          # Number of words (default: 6)
    caps=True,      # Capitalize words (default: True)
    specials=0,     # Number of special characters (default: 0)
    delimiter="",   # Delimiter between words (default: "")
    randomsource="system", # Source of randomness (default: "system")
    wordlist=["en_eff"], # Wordlist name(s) (default: "en_eff")
    infile=None     # Optional custom input wordlist file descriptor
)

passphrase = get_passphrase(options=options)
print(passphrase)

view raw JSON →