Geslar logo
Geslar

What is a Passphrase

Random words — longer, easier to remember, harder to crack.

Passphrase vs password

A passphrase is a password made of real words instead of random characters. For example, meadow-cloud-chocolate-chestnut instead of xK7$mP2q. It's longer, easier to remember and harder to crack.

Why passphrases are safer
Length beats complexity
meadow-cloud-chocolate-chestnut has 35 characters. Even without special characters, the length exponentially increases brute-force difficulty.
Randomness beats predictability
4 random words from a dictionary of 5,700 words = 5,700⁴ = over a trillion combinations. An attacker can't guess which words you chose.
Memorability beats sticky notes
The human brain remembers mental images better than abstract characters. "A meadow with a chocolate cloud and a chestnut" is a story — xK7$mP2q isn't.
Cracking time comparison

Assumption: attacker uses hashcat with 10 billion attempts per second.

John2024!
~28 bits. Cracked in less than a second. Name + year + symbol = predictable pattern.
P@ssw0rd123
~22 bits. Cracked instantly. Among the top 1,000 most common passwords worldwide.
4 random words
~52 bits. Cracking would take hundreds of years — even with the fastest hardware.
5 random words
~65 bits. Millions of years to crack. Recommended for master passwords.
The key word is "random". A phrase like "I love Croatia very much" is not secure because it's not random — sentences have predictable structure. Use the Geslar generator for truly random phrases.
How to generate a passphrase
  1. Open geslar.app or the generator in Škrinjar.
  2. Select the "Phrases" tab.
  3. Choose a language (Croatian or English).
  4. Choose a dictionary (standard, Kajkavian, Čakavian, metaphors).
  5. Set the number of words (recommended 4-6).
  6. Choose a separator (hyphen, dot, space).
  7. Click "Generate".
Usage tips
For master passwords
4-6 words. This is the only password you need to remember — Škrinjar generates and remembers all others.
For web accounts
For regular accounts, use a generated password (20+ characters) — you don't need to remember it as Škrinjar does it for you.
For sharing
A passphrase is easier to dictate over the phone than xK7$mP2q#R9!. Useful for Wi-Fi passwords and shared accounts.
Related articles
How the generator works (technical) Password & passphrase generator Creating a master password