July 16, 2025 Washington, DC

Open Sesame: Poems with Entropy

Your passwords should be uncrackable and unforgettable. Instead of some weird string of random letters, numbers, and special characters, consider generating a poem instead:

crisper as right wide simmer
dusty bee noon noun dimmer

or

brutal her shade lay zest
Chile has men heal quest

Randomly generated nonsense couplets like these, when used as passwords, are very strong. And at least for me, they’re much more memorable than comparably-secure passwords chosen by more traditional methods.

You probably use at least one password. If that password is used for anything important, it should be strong and also memorable. A classic way to remember something is to turn it into a poem. Below is a tool[1] that generates a strong password[2], in the form of a nonsensical rhyming couplet. The rest of this post is about why I wanted to make a poem password generator, and how I did it.

Poem Generator

It’s not necessary, but if you’d like to, you can add punctuation or capitalization. All the words in the generated passwords are shown in lower case, even though some of them are proper names or acronyms. For example, the name Al might show up as al in the poem, or HTTP might appear as http. You won’t make the password weaker by changing capitalization or punctuation; in fact you’ll make it slightly stronger.

If you don’t like the first password you generated, you can re-roll for slightly lower entropy: If you re-roll three times and pick your favorite, that will decrease the entropy by two bits. If you re-roll 15 times, that reduces the entropy by four bits.

Why?

I occasionally need some kind of “master password”, that would be inappropriate or inconvenient to store in my password manager. The most obvious example is the password for the password manager itself. Most often, though, it’s just a login password for a new work laptop or something.

In the past, I’ve used the Diceware method for generating passwords. It gives you the ability to generate strong passwords, roughly in line with the “correct horse battery staple” method. It even lets you generate passwords entirely without the use of a computer, which is mostly useful for the extremely paranoid.

Problems with Diceware

Diceware passwords can be as strong as you want, but as you increase the length they can become unwieldy to remember. For example, here’s a random diceware password with entropy comparable to the poem above:

Garden Gratify Elephant Shock Superhero Backless Enjoyer

It’s a bunch of words with no structure at all. It’s not impossible to construct a mnemonic for it, but it just doesn’t stick in my brain automatically. I wanted a way to generate poems with just as much entropy, that I could more easily remember.

Another problem with Diceware is that, if you do want to use physical dice with a printed wordlist, it’s not clear exactly how to sort the dice, when you use them to look up a password. I wanted to make a procedure that used a set of distinct dice, like those you’d use for D&D. This would mean you could roll all the dice at once, and their values would uniquely determine a “word”[3] to include. In principle, this makes the generating process stronger. With a Diceware roll (typically 5 dice), there are 120 different ways to sort your dice, so you could lose up to about 7 bits of entropy on a given word selection if you’re sufficiently uncareful and do something like sorting the dice by value (to limit page turning :P). You can just decide to always read the dice left-to-right, but even rules like that can be a bit ambiguous if dice end up close together.

How?

You can find my code on GitHub, but for those who don’t want to find out what my code looks like when I’m in “just get it working” mode, here’s an overview:

  1. Find a massive list of English words. I bought the list you can get from wordfrequency.info because it includes a lot of extra statistical and part-of-speech information about the words. But you could use any long list of English words.
  2. Find a pronouncing dictionary. I used the CMU Pronouncing Dictionary after trying a couple of other options that didn’t pan out, mostly due to errors in the other options. The pronouncing dictionary is used to find rhyming pairs of words, as well as patterns of syllable stress, for metric structure.
  3. If you chose a “maximalist” word list, you’ll want to somehow filter that word list to include only “real” words. I did this using the OpenAI API, asking their cheapest chatbot to sort each word among several categories, which I then narrowed down by frequency.
  4. You could stop here, and generate poems based on the pronunciations of individual words. But if you do this directly, using one word per metric foot, there aren’t enough individual words to make the resulting poems very strong. So instead, download 2gram data from the Google Ngram corpus. This lets you find pairs of words that are often found next to each other, which are very natural to use as metric feet in poems. For example, was done is a much more common pair than these meat, so it’s going to feel more natural in a poem. Add some common pairs of words to your lists.
  5. Finally, apply various tweaks to get better results. The biggest issue here is that it’s hard to predict how the stresses get assigned when you put two words next to each other. I resolved this problem by having some special (small) curated categories of words, e.g. one that I (erroneously) call “weak forms”, that tend to become unstressed when they appear immediately before another word in a phrase. I generated this list by trial and error, adding words when I noticed them behaving in this way.

Once you’ve got your word lists, you’re ready to start sampling poems according to your favorite metric structure and rhyme scheme. I found that dactyls and trochees are more common in English, and therefore it’s easier to generate strong passwords using them. Trochaic meter has a “sing-song” / “magical” quality: it’s often used in Shakespeare to distinguish magical characters and incantations like the witches in Macbeth, or the fairies in A Midsummer Night’s Dream (since most of the characters speak in iambic pentameter). It’s fun to think of myself as a wizard reciting an incantation that wakes up my mystical golem.

My final lists of dactyls and trochees are both 460,800 items long, and the list of rhymes is 115,200 long. I picked these numbers because they correspond to the product of polyhedral dice rolls. I haven’t yet made the actual physical word list sheets that would let you generate passwords offline, but when I do, you’ll choose a dactyl or trochee using a d20, d12, d10, d8, d6, and d4; and you’ll choose a rhyming pair using the same set minus the d4.

Because the word lists are a fixed size, and you’re sampling from them uniformly, even though the resulting password appears to have structure, the min-entropy can be straightforwardly computed by multiplying the list sizes (one for each sampled part) and taking the base-2 logarithm of the product.
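The dice-to-index mapping, uniform sampling, and entropy arithmetic described above, as an added example (not the author's code). The function names are hypothetical, and the poem layout of four metric feet plus one rhyming pair is an assumption inferred from the sample couplets and the 92-bit figure.

```javascript
// Added example: names and poem layout are assumptions, not the author's code.
const webCrypto = globalThis.crypto ?? require("node:crypto").webcrypto;

const FOOT_DICE = [20, 12, 10, 8, 6, 4];  // dactyl or trochee list: 460,800 entries
const RHYME_DICE = [20, 12, 10, 8, 6];    // rhyming-pair list: 115,200 entries

const listSize = (dice) => dice.reduce((n, sides) => n * sides, 1);

// Mixed-radix mapping: each die is identified by its shape, so a roll
// determines one list index no matter what order the dice are read in.
function rollsToIndex(dice, rolls) {
  if (rolls.length !== dice.length) throw new RangeError("wrong number of dice");
  return dice.reduce((index, sides, i) => {
    const face = rolls[i];
    if (!Number.isInteger(face) || face < 1 || face > sides)
      throw new RangeError(`d${sides} cannot show ${face}`);
    return index * sides + (face - 1);
  }, 0);
}

// Uniform integer in [0, n) from the crypto RNG. Rejection sampling drops the
// top slice of the 32-bit range that would make `% n` favour low indices.
function uniformIndex(n) {
  const limit = Math.floor(2 ** 32 / n) * n;
  const buf = new Uint32Array(1);
  do { webCrypto.getRandomValues(buf); } while (buf[0] >= limit);
  return buf[0] % n;
}

// Min-entropy in bits: log2 of the product of the list sizes, minus
// log2(candidates) when a favourite is picked from several generated poems.
function minEntropyBits(parts, candidates = 1) {
  const bits = parts.reduce((sum, dice) => sum + Math.log2(listSize(dice)), 0);
  return bits - Math.log2(candidates);
}

// Assumed layout: two feet per line over two lines, plus one rhyming pair.
const POEM = [FOOT_DICE, FOOT_DICE, FOOT_DICE, FOOT_DICE, RHYME_DICE];

function samplePoemIndices() {
  return POEM.map((dice) => uniformIndex(listSize(dice)));
}
```

Under that assumed layout, `minEntropyBits(POEM)` comes to just over 92 bits, and passing 4 or 16 candidates reproduces the two-bit and four-bit re-roll costs mentioned earlier.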

  1. The tool is entirely client-side and uses JavaScript’s crypto RNG to sample words from the precomputed word lists (which are loaded directly into the page’s source). I promise that I’m not logging anything, but your trust in this generator shouldn’t exceed your trust in me, or your trust based on looking at the source code of the page. Don’t use random web sites to choose your passwords!

  2. This generator makes poems with 92 bits of min-entropy, which should be enough for anybody: it would require the entire bitcoin network to spend more than a month on cracking it as of 2025, even in “worst-case” conditions where you use the password for a service that uses a “fast” hash function, and then the hashed password leaks so that all those crypto rigs can grind on it. Based on estimates of how much people spend mining bitcoin per year, this means it would cost around a billion dollars to hack your password; well above the “hit him with a wrench until he tells us” threshold. If it’s for a password manager, the hash function will be much slower, meaning it would take many years.

  3. Actually the “word list” is a list of rhyming pairs, and “metric feet”: chunks of poem with a particular stress pattern: “Trochees”, like Open, and “dactyls”, like Sesame.