Pronounceable password generator (CVCV, memorable + secure)

Pronounceable passwords and their unique exposure path

Pronounceable passwords are designed for situations where a human reads them aloud, types them from a sticky note, or dictates them over a phone call. Guest Wi-Fi credentials, onboarding PINs, conference-room door codes — these are the natural uses. The operational goal is accurate human transmission, not just cryptographic strength.

The distinctive risk of pronounceable passwords is that their ease of transmission multiplies the number of times they travel through the world. They get re-used longer than random passwords; more people tend to know them. If the generation step itself involves a round-trip to a server, the password’s exposure starts before the first use.

What online generators send to their servers

Online pronounceable password generators make a network request to produce the result. The generated password travels in the HTTP response body and can land in server access logs or application logs. HTTPS protects the data in transit, but the server operator sees the full request and response.

Pronounceable passwords used for Wi-Fi or shared access codes tend to have long lifespans — the same credential stays in use for months. A password captured in a server log at generation time remains valid long after; when that log leaks in a future breach, the credential is still live. Fully random passwords, which are typically rotated more aggressively, face a shorter exposure window.

Static CV table plus crypto.getRandomValues

This tool bundles a static consonant list (b/c/d/f/g/h/j/k/l/m/n/p/q/r/s/t/v/w/x/y/z, 21 characters) and a vowel list (a/e/i/o/u, 5 characters) as page-local data. Random selection uses crypto.getRandomValues() from the Web Crypto API, which draws from the OS entropy pool — unlike Math.random(), which is a PRNG explicitly documented as unsuitable for security use. Rejection sampling removes modulo bias when mapping random bytes to these small character sets.

Generated passwords live only in page memory. No network request fires during generation or copy. Open DevTools Network before generating a batch: the tab stays empty. The source is on GitHub, where the absence of external API calls is auditable at the implementation level.

When to use pronounceable versus fully random

Fully random passwords win on entropy per character (~6.6 bit/char for a 94-character pool). Pronounceable patterns produce around 4.4 bit/char. For server-to-server API keys, certificate private keys, and database credentials, use password-generate with the full character set.

For credentials a human will type, read aloud, or write on a whiteboard, pronounceable passwords reduce transcription errors and support the case where accurate transmission matters more than squeezing maximum entropy per character. NIST SP 800-63B explicitly accounts for memorability. The 12-letter plus 2-digit default reaches roughly 45 bits; bump length to 16+ if the threat model needs more.

Pronounceable password algorithms: FIPS 181 and the CVCV model

Automatic generation of pronounceable passwords has a longer history than one might expect. FIPS 181 (Automated Password Generator, published 1993, withdrawn in 2015) defined the most widely cited approach: (a) a probability table of English phoneme digrams and trigrams, (b) a Markov-chain-style state machine that emits English-like syllables, (c) randomness drawn from ANSI X3.92 (DES-based) primitives. NIST retired FIPS 181 itself in favour of guidance in SP 800-63B (2017), which moved memorability into the recommendation for passphrases via EFF’s Diceware approach.

This tool uses a simpler CVCV model — alternating consonant and vowel — rather than the FIPS 181 English-phoneme distribution. With 21 consonants and 5 vowels, each CV pair has 105 possible values, giving log2(105) ≈ 6.71 bits of entropy per pair, or 6.71 × N bits total for N pairs. Because each position is uniformly sampled rather than weighted toward English phoneme statistics, the output is less English-like than FIPS 181 but also less vulnerable to dictionary-style attacks that exploit phoneme distributions. The CVCV model deliberately trades a small amount of pronounceability for resistance to corpus-based guessing.

Comparison with Diceware passphrases and hybrid strategies

A widely used alternative is Diceware (the EFF wordlist): 7,776 carefully selected English words (= 6^5, five dice rolls), from which six to eight are chosen uniformly at random and concatenated to form passphrases like correct horse battery staple (the XKCD 936 example). Each word contributes log2(7776) ≈ 12.92 bits, so six words give about 77 bits — comparable to a 12-character output from this tool (~80 bits). A Japanese-language Diceware list exists (maintained by Tatsuhiko Matsuzaki).

Passphrase strengths: (a) word-level units cut down on transmission errors when read aloud, (b) typing is fast, (c) recall is strong. Weaknesses: (d) length limits in legacy systems (some still cap at 16 characters) make them impossible to enter, (e) some systems disallow spaces, (f) personalised word choices (favourite movies, internal slang) erode entropy because they aren’t uniformly random anymore. CVCV passwords from this tool work where length caps apply and fit operational needs like Wi-Fi WPA2 PSKs or short voice-transmitted codes. The two approaches are complementary rather than competing: use this tool for short, voice-friendly secrets that go into a password manager, and reserve Diceware for a few master credentials that must live in human memory. To grade the entropy of the chosen output, password-strength-check runs the analysis locally.