Introduction

Picking a strong and secure passphrase or password can be a hassle sometimes. It is further complicated by restrictions imposed by digital providers. But there are ways to overcome this! Read on.

A few months ago (2024) a random idea popped into my head while I was in the library. I was really just kind of sitting there with a random book in my hands daydreaming when an idea popped into my head. Why not use the randomness of this large space of words and sentences all around me as the basis of acquiring random passphrases and sentences to secure my online accounts and various encryption tools? All those books were just sitting there on their shelves; a huge pool of words, sentences, grammar, phrases, and stories to choose from. And they were just waiting to be chosen at random to serve a non-random purpose.

Now, I'm not going to sit here and attempt to explain to you how randomness or entropy works (I'm not smart enough to, anyway!), but I do have a few theories on how to create chaos in ordered systems, instead of the other way around, but that is a post for another day.

Don't worry you'll like it. Back in the late 1990s I stumbled upon "dmuth" a user in the young age of the Internet who created a page called "Diceware." I suggest you start on his page and go down the rabbit hole until you have a general understanding of how it works. Don't worry, it's easy. Then come back here if you're interested in a new (to me!) method I devised that is as nerdy as the pair of glasses on my nose! So at this point you have some homework to do.

Completely Analog!

With all "diceware" methods, you rely upon dice and no digital methods of random number generation, though my similar second "method two" uses dice and digital methods (which I think you'll really like, but for now we will focus on dice.

For this method you will need three 10-sided dice (you can get by with one if needed), pencil and paper, and a library full of books!. These special 10-sided dice aren't sold just anywhere, but you can definitely find them locally if you try. Please do not order from Amazon or Walmart or other huge chain. Buy locally! If you're in Tulsa, OK USA, you have some good options. I got mine from Top Hat Magic Shop. There are other places in Tulsa, too. Find your local option if you can!.

Ok, keep up with me here. We're going to use the Dewey Decimal System to help us in our search for randomness. The Dewey Decimal classifies books into groups of 100 each containing various subjects. For example 000 is computer science, 011 is bibliographies, 160 is philosophical logic, 580 is plants, 941 is the British Isles, and so on. You can find a full list of all the categories here.

We're going to use our three 10-sided dice to select a Dewey Decimal System category. So roll your three dice! What did you get? I got 743! If you look up that number, you'll find that 743 is the category, "Drawing and drawings by subject."

Now let's get one more number with our dice. Roll it! This time I got a 6!

We have gotten our Dewey Decimal number base. 743.6. Looking up this particular number, 743.6, we find the subcategory of "Drawing Animals."

If you want, you can make ten of these numbers before you go to the library.

So what do you do with these numbers? When we go to the library, we're going to find a book under this category designation or at least one close to it in some cases. In my scenario, 743.6 had three books at my small, local library, all of them about how to draw pictures of animals. I chose one at random, and it's aptly entitled "Drawing Animals" by Norman Adams and Joe Singer. The others were two for children, one being in Spanish. Which is fine! Especially if you know Spanish or are bilingual. It adds to the entropy of possibilities that a password or phrase attacker would have to consider to crack.

Still with me? Great! We have our book now. What are we going to do with it? That's where it gets complicated, but we'll just keep this simple for now. The more you get into randomness with different kinds of dice the more you can experiment. For our purposes, we've already created an incredibly massive pool of possible sentences and word/character space to use as a passphrase. At this point simply open the book to a random page. (I can already hear the purists yelling at me that this isn't truly random. Yes, I know, but keep going, it doesn't matter. It's close enough for lawn darts and nuclear war.)

The page I randomly turned to in my art book is page 59. As you can see it has a cow! I looked through the text and chose the sentence, "The headstall adds a dark accent to the drawing."

Remember to pay attention to capitalization and punctuation. The word "The" is capitalized and the sentence has a period (.) at the end. This, by itself is a good passphrase. If you've read through the Diceware page linked above, you've probably thought to yourself you should add perhaps a special symbol. Absolutely you should! Add a question mark in the middle, perhaps with a number.

We would then end up with something like this:

%The headstall adds a dark accent to the drawing.2

Congratulations, you've created a very strong passphrase! :)

Considerations would be where the password is used. Some websites, for example have certain requirements like minimum and maximum length, a special symbol, a number or will exclude some symbols like a space which our passphrase has. You would perhaps have to alter the passphrase slightly to adhere to their conditions. For example if a website password requires that you exclude spaces, you can omit the space and capitalize each word instead like so:

%TheHeadstallAddsADarkAccentToTheDrawing.2

And so forth!

So now you have another good tool in your pocket to create random passphrases. The sequel to this article will be another way to do the same thing only with more digital tools.

Don't forget to read dmuth's diceware page to learn more about generating good passwords and passphrases. It's led to a life long hobby of mine, and I am happy to have shared a little of that with you.

Happy Book-waring!