Random words matter most
More words from a larger pool improve resistance faster than cosmetic rules.
Strong Passphrases, Properly Forged
A free, private passphrase generator — multilingual word pools, client-side generation, and an AI-aware strength readout for stronger, more memorable passwords.
Generated passphrase
Your passphrase is never shared or stored
How strong is your passphrase?
Calculating realistic guessing difficulty.
- Fast offline cracking ? This uses the local zxcvbn-ts library and a deliberately harsh fast-hash scenario. 10B guesses/sec is a rough high-end offline rate for fast leaked hashes on serious GPU cracking hardware, not normal website login guessing. Slow password hashing can be far lower.
- -
- Rate-limited online cracking
- -
- AI attack resistance ? AI-powered crackers are trained on billions of leaked passwords and guess human-likely patterns first — so they crack predictable passwords far faster than raw math suggests. This shows how much of a shortcut an AI attacker gets on your passphrase: the gap between its true random strength and how strong a pattern-based model thinks it is. Randomly generated passphrases leave almost no shortcut — there's no human pattern to learn. The number rises if your settings add predictable structure.
- -
How the estimate works
PhraseForge creates your passphrase on this device, then checks it with
zxcvbn-ts, a password-strength tool that looks for patterns attackers
commonly try. The result is an estimate, not a guarantee.
Length wins
Long, randomly chosen passphrases create more guesses for attackers than short passwords with cosmetic substitutions.
Use unique phrases
One passphrase per account. A password manager helps keep them separate.
Research notes
Useful reading behind the generator and strength model.