Playing Cards Passphrase method |
Secure Passphrase from Playing Cards and a 10,000 Word List "Playing Cards Passphrase" is a method of choosing a secure passphrase. It was inspired by Diceware. * In Diceware, the throw of 5 dice gives you a random number (in base 6) from 11111 to 66666. Looking up that number in a word list gives you the first word in your passphrase. Continue the process until you have a long random passphrase. The number of words in the list is 7776, which is 6 raised to the 5th power. The security of the passphrase is 7776 raised to the Nth power, where N is the number of words in the passphrase. Playing Cards Passphrase works much the same way, except that you use playing cards to choose a random number, and the word list has 10,000 words. The list is numbered from 0001 to 10,000. There are two versions of the list: PCP 10k word list - short (10,000 entries) 3- to 5-letter words; many obscure words; no symbols or digits (other than a dash). List contains 1,000 three-letter words, 4,000 four-letter words, and 5,000 five-letter words. PCP 10k word list - long (10,000 entries) 3- to 10-letter words; fewer obscure words; no symbols or digits (other than a dash). Both PCP 10k word lists - choose which of 2 words you prefer for each randomly selected number. Start with an ordinary deck of playing cards, called a "poker deck". (Do not buy the "pinochle deck", which lacks the numbers 2 through 8.) Remove the face cards (Jack, Queen, King, Joker). This leaves you with 4 sets of Ace through Ten. For our purposes, Aces are ones and Tens are zeros. The other cards are face value: 2 through 9. You should end up with 40 cards in one deck. Shuffle the deck well. Seven "riffle" shuffles is considered optimum for randomizing a deck of cards: Wikipedia on Shuffling. But I suggest you do a few overhand shuffles between each riffle shuffle, for good measure. After shuffling, cut the deck to reveal a card. Shuffle briefly again and cut again, to reveal a second number. Do not keep the chosen card separate from the deck when you choose the next card; that would bias the randomness of the numbers. Repeat until you have a randomly-chosen 4 digit number. A set of 4 Tens counts as the value 10,000. Otherwise, Tens are zeros. For example: "Ace 7 4 10" would read as 1740. "10 2 5 10" would read as 0250. "10 10 10 10" would read as 10,000. Look up the word listed at that number in the word list. You have now chosen a word at random. Reshuffle the deck thoroughly and repeat the process, until you have chosen the number of words you need for your passphrase. You may find this process goes faster if you start with four decks of cards (40 cards per deck). Do not combine the decks. Shuffle each deck thoroughly, then cut the four decks separately to produce each 4-digit number. Use 5 or more words as your passphrase. The level of security that you get with a truly random selection from any word list is determined by the number of words in the list, raised to the Nth power, where "N" is the number of words in the passphrase. This calculation gives you the number of possible combinations for a passphrase of that length. For a list with 10,000 words, use at least 5 words in your passphrase: 5 words have 10 to the 20th power combinations (~64-bit security) 6 words have 10 to the 24th power combinations 7 words have 10 to the 28th power combinations (~96-bit security) 8 words have 10 to the 32nd power combinations 9 words have 10 to the 36th power combinations 10 words have 10 to the 40th power combinations (~128-bit security) 20 words have 10 to the 80th power combinations (~256-bit security) The idea behind any passphrase system is that a set of random words is easier to remember than a set of random characters. A 5-word passphrase is about as secure as an 11-character password. A 10-word passphrase is about as secure as a 22-character password. Should you write down your passphrase somewhere? Short answer: YES!! Which is more likely? You forget your passphrase, or someone gets your passphrase from wherever you store it? Unless you need high security to protect yourself from a very determined opponent, put your passphrase in a software program like "Password Safe" [download link]. You might also want to write down your most important passwords and put them in a physical safe. Should you add a number to your passphrase? If you wish, you can substitute a randomly chosen 4-digit number (0000 to 9999) for any one of the words in the passphrase. The 4-digit random number has as many possible combinations as the word list: 10,000. Choose the number using the Playing Cards method. Do not use a number that has some special meaning to you (such as a year), as it might be guessable. For longer passphrases, you could arrange the words in sets combined with a number. For example: 3 words, one 4-digit number, 3 more words, one more 4-digit number = 8 words of security OR one 4-digit number, 4 words, one more 4-digit number, 4 more words = 10 words of security You might find that this strategy makes the entire passphrase easier to remember. It also makes it a bit harder for an attacker to brute force the passphrase (2^N times harder), as a complete search of every possible passphrase for any length would have to include numbers and words. Finally, memorize your passphrase well!! Go over it every day in your head, a few times a day, for a month. Then you will never forget it. Good luck! Advantages over Diceware I have a few mild criticisms of Diceware, explained in another article. The "Playing Cards Passphrase" method has some modest advantages over Diceware. First, the word list is longer, giving you a small increase in security over Diceware for any passphrase length. Second, working in base 10 is easier than base 6. Third, the word list omits entries shorter than 3 characters. The shorter entries might not be secure, since the entry has fewer possible combinations than the whole word list. Fourth, playing cards are easier to find in stores, and may draw less suspicion than a set of dice. Many grocery stores and convenience stores sell playing cards; few sell dice. See the full set of word lists here: Word Lists for Secure Passphrases Alternate Method for a Playing Cards Passphrase In order to obtain the same high security with a shorter passphrase, the alternate method uses a word list of 65,555 words. This allows an 8-word phrase to have 65,555 to the 8th power possible combinations: 3.41e+38, which is slightly greater than 2^128 (even if one takes into account not using any word a second time in the same passphrase). The value 65,555 is used because it provides 128-bit security, is easy to remember, and simplifies the rules for choosing the random number with playing cards. If the first number drawn is 7, 8, or 9, then redraw to obtain a number from 0 to 6. If the first number drawn is 6, then the next number must be 5 or less (0 to 5). If the first two numbers are 65, then the third number must be 5 or less (0 to 5). And so on. Otherwise, drawing 5 random cards determines the 5-digit number for each word in the passphrase. For this alternate method, 10 is always read as zero. As before, no face cards are used. You can draw the cards from a single deck, but you must always keep each drawn card in the deck for the next draw, so that the odds remain the same. For example, cut the cards to reveal a 10 (zero), then shuffle briefly and cut again. You might, just by chance, get the same card. That is fine, since there is always a 1 in 40 chance of getting the same card on the second draw. Remember, there will be only 40 cards once you remove the face cards. You don't need 5 separate decks. I am finding that two decks is optimal. Shuffle each deck thoroughly. Fan out the cards, face down, and pick a card. Write the first digit on a piece of paper. Switch to the second deck, and pick a card similarly; write down the second digit. Never remove the picked card from the deck. For the third digit, switch to the first deck, shuffle again, and pick the third card. Continue switching decks, with a brief shuffle between card picks, until you have the numbers for the entire passphrase. Then look up the corresponding words. Cutting the cards does not work as well as fanning them because sometimes a deck will be biased to be more likely to cut to particular cards. Two decks is better than one, so that you do not have any bias from using the same deck repeatedly. Memorize the passphrase thoroughly! PCP 65,555 word list - this longer list allows an 8-word passphrase to have 128-bit security. The 65,555 word list is in the public domain. * The "Playing Cards Passphrase" method for choosing a secure passphrase is in the public domain. I assert no trademark, copyright, patent, or other propriety claim. Return to: Secure Password and Passphrase Resources |