Times ago, I was reading something on numerical systems and password generators and I find myself discovering Diceware, a system for generating a passphrase using several 6-side dice. I think it was funny, so I looked for some dice in my house to try the system. Unfortunately, I have just one d6. Diceware requires five throws just for a single word and a good passphrase requires 3 or 4 words, plus some modifiers here and there. In total, I should throw that single die 20 times to get a good passphrase.
However, just on top of my desk, I have a full d20 RPG dice set (where that d6 belongs). I thought: it is possible to use an RPG dice set to do something similar to Diceware? After all, an RPG set spans over 4,608,000 possible outcomes per word while six d6 can obtain “just” 7,776 different results. There is more than enough room to make the system work. So, that is the system I propose.
- Throw the full set of dice on your desk.
- Take the results for the d20, d12 and d10. Use this to select a word in a list of 2400 words. This is the master list. You can pre-generate this list using some tool like this, save them in a file and keep them somewhere. This is smaller than the master list in Diceware, but this is your personal one, different from any other master list.
- PRO TIP: You can format your master list in a way that is easy to use, but if you just have a list of words in a text file, there is an easy solution to find the line number for each throw. \( d20 + d10 \times 20 + d12 \times 200 - 221 \). Ok, it is not “easy” in the general sense, but you got the point.
- Take the result for d6. Use this number to select a character in the word. If the word has less than 6 characters, it is ok. Otherwise, use the other d10 to extend the d6. For instance, if d10 is even, use the d6 to select the first 6 chars of the word, otherwise, use d6 to select a char in the last 6 characters.
- Take the value for d4 and d8 to change the previously selected char with a random character in a 4x8 table. For instance, you can use the following one.
- Repeat for every word in the passphrase.
d4\d8 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 |
---|---|---|---|---|---|---|---|---|
1 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 |
2 | 9 | . | , | ; | ! | ? | : | # |
3 | $ | ^ | # | ^ | \ | / | " | = |
4 | { | } | [ | ] | ( | ) | - | @ |
Ok, it is not easy nor extremely elegant, but it is fun. Show how you generate a password to your friends, you will look like a fantasy wizard. Guaranteed.