How passphrase.guru works
A look under the hood: how wordlists are loaded, how random words and characters are chosen, how multiple languages are combined, and how entropy is calculated — all in the browser.
How the wordlists are loaded
Each supported language has a curated wordlist bundled with the site. When you select one or more languages, the generator loads those lists in the browser and builds a single combined pool of candidate words. The lists favour common, easy-to-type words and avoid near-duplicates so the secrets stay both strong and readable.
How random words are selected
To pick a word, the generator asks the Web Crypto API for random bytes and maps them onto the list using rejection sampling — it discards values that would fall outside an exact multiple of the list size, so no word is even slightly more likely than another. This avoids the subtle bias that a naive “random number modulo list length” would introduce.
How multiple languages are combined
Selecting several languages merges their lists into one pool. The generator then draws every word from that combined pool, so a single passphrase can mix languages. A larger pool means more entropy per word, which is why multilingual passphrases can be stronger for the same number of words.
How duplicate words are handled
Some words appear in more than one language. The generator deduplicates the combined pool so each distinct word exists once, and it computes entropy from that deduplicated size. This keeps the strength estimate honest — you are never credited for variety that is not really there.
How separators and capitalization work
After the words are chosen, you can join them with a separator (hyphen, space, dot or nothing) and apply capitalization (none, first letter, or random). These are formatting choices for readability and to satisfy site rules. They add little entropy compared with adding a word, so the tool counts them conservatively and tells you the real figure.
How entropy is calculated
For a passphrase, entropy is the number of words multiplied by log2(pool size); for a password it is length multiplied by log2(character-set size). Because the tool controls the selection, these are exact, not estimates. Optional extras such as an appended digit and symbol are added to the total in the same principled way.
Why local generation matters
Doing all of this in the browser means the secret is created on your device and never sent anywhere. You do not have to trust a server to discard it, because the server never sees it. That is the core privacy property of the tool, and it is why the generators keep working even if you go offline after the page loads.
Frequently asked questions
Where do the wordlists come from?
Each language ships with a curated list bundled into the site, favouring common, easy-to-type words. Attribution and licences are listed on the privacy/imprint pages.
Why use rejection sampling instead of modulo?
Taking a random number modulo the list length makes some entries slightly more likely than others (modulo bias). Rejection sampling discards out-of-range values so every word is exactly equally likely.
Does mixing languages really add strength?
Yes, because it enlarges the deduplicated word pool, raising entropy per word. The tool counts the real combined pool size, so the figure stays accurate.
Do separators and capitalization make it stronger?
Only marginally. They mainly improve readability and satisfy site rules. Adding one more random word increases entropy far more.