Skip navigation


I saw this password strength post on XKCD, which was posted on 10th August 2011.

The summary at the end of the comic strip sums things up very concisely:

Through 20 years of effort, we've successfully trained everyone to use passwords that are hard for humans to remember, but easy for computers to guess.

Debate rages across the internet in a ceaseless battle of opinions, concerning how secure this method of generating passwords is, but I wanted to have a play with the method anyway. I think the advice in XKCD is still valid, from what I have read online. However, doubtless lots of people could find evidence to the contrary.

There's a lengthy piece about the XKCD approach via

Check Passphrase Strength

Once you have a passphrase, you can check its strength via various websites, such as How Secure Is My Password?, Password Meter and Password Check.

Alternative Passphrase Generator

If you want a more personalised passphrase, try the "yourword" passphrase generator. For example - type your own word, e.g. "andy", and submit the form, the sets of words which are returned in the passphrase each start with each letter in turn from the word "andy"...

Notes about this passphrase generator
XKCD Password Strength

Here's the XKCD comic strip post this is based on:

Password Strength