List of other diceware and related passphrase lists

[DonaldTsang]

See list of items provided in https://github.com/grempe/diceware/tree/master/lists and https://github.com/grempe/diceware/issues

[DonaldTsang]

@ulif please update with more lists

[victor-gp]

Heads up, for anyone who's interested in this, you can bring your own wordlist. As explained in the readme:

With dash (-) as filename you can pipe in wordlists:

$ echo -e "hi\nhello\n" | diceware -
HiHiHelloHiHiHello

This further allows for a feature like the one you proposed here, mixing languages like this:

cat jp.txt en.txt | diceware -

And if you need a copy of the built-in wordlists, you can find their location in the last line of $ diceware --help.

I'm not really sure of how cryptographically secure this mixing of wordlists is, though. I guess that as much as the normal use case?

[BradKML]

Mostly an i18n or nerd rage type of ordeal

[ulif]

@victor-gp Providing your wordlist over an input pipe is perfectly well and an intended use case. Please do that :)

How secure that is, is another question, but I'd say that when concatenating n lists you will get in worst case the entropy (per word) of the worst input list (highly unlikely, if the lists differ from each other). In best case, the result entropy will be log2(len(list1) + len(list2) + ...) which would be an improvement over each of the single lists or combinations thereof.

In this case i18n is not a big deal, I think. Just feed utf-8 which should be sufficient even for large charcter sets like traditional chinese.

Please note, that when you are happy with your new wordlist, you can save it to the given wordlist dir (with a wordlist_-prefix) and request to use it like this:

   $ cat jp.txt en.txt > PATH_TO_WORDLIST_DIR/wordlist_my-jp-en.txt
   $ diceware -w my-jp-en
   <words from jp.txt and en.txt>

and if you then set your new custom list as default in ~/.diceware.ini

   $ cat ~/.diceware.ini
   [diceware]
  wordlist = my-jp-en

then diceware will happily use your new wordlist by default:

   $ diceware
   <words-from-jp.txt-and-en.txt>

Last not least: if you created an interesting wordlist, you are most welcome to share it with others and to send it here.

@DonaldTsang, however, is right. We have to provide more wordlists and this is also my job.

[victor-gp]

Hi @ulif, thanks for your answer!

In this case i18n is not a big deal, I think. Just feed utf-8 which should be sufficient even for large charcter sets like traditional chinese.

Yes, the tool parses chinese characters alright. And users of non-alphabetic writing systems probably do passwords in ascii (pinyin and similar) anyways.

Another cool feature I stumbled upon is that I can pipe wordlists both with and without the dice numbers.

Please note, that when you are happy with your new wordlist, you can save it to the given wordlist dir (with a wordlist_-prefix)

Nice to know! I tried to do this but it didn't work cause I missed the wordlist_ prefix. :sweat_smile:

For my needs tough, I'm ok with decoupling wordlists from the app. I'm not too happy with a couple of them so I prefer to store them aside. I'll keep the setup you suggested in mind if I settle on a subset later on.

Last not least: if you created an interesting wordlist, you are most welcome to share it with others and to send it here.

@DonaldTsang, however, is right. We have to provide more wordlists and this is also my job.

As for this, I don't think my "X languages mixed" wordlist is particularly interesting. I can help with adding public wordlists though.

I could dig through the ones in stuarta0/ultimate-diceware. Probably use/adapt the originals so licensing is more straightforward. And only when their license allows, of course.

It's only about adding them into diceware/wordlists/, and then attribution in COPYRIGHT and the README, right?

What do you think, should I do that?

[BradKML]

@victor-gp it would miss some of the other more "interesting" wordlist, but I would not mind adding references to other lists to https://github.com/ulif/diceware-list/tree/master/diceware_list