Back in 2016, we had a small problem in our support engineers’ workflow. Each member of the team had a different idea of what a ‘secure password’ meant.
To solve this, we developed an in-house tool: the WST Passphrase Generator, inspired by the ‘correct horse battery staple’ logic from the XKCD comic. This tool generates complex yet easy-to-remember passphrases by combining random words with numbers and special characters, ensuring both security and usability.
In 2019, we made this tool available to the public on our website. The WS Passphrase Generator has since helped countless users create strong, memorable passwords effortlessly, and is one of our site’s most visited resources. Re-skinned for 2025 we have re-launched it in our sites ‘Resources’.
Embracing Modern Security
Whilst we now strongly recommend using password managers combined with MFA, and with new technologies like passkeys emerging to do away with passwords entirely, we still believe this simple method of memorable password generation provides great use for those cases that are yet to support an alternative.
It helps adhere to the current NIST ‘Memorized Secret’ guidelines, ensuring your digital security remains robust.
Why NIST password Guidelines matter
NIST guidelines help organizations adhere to cybersecurity standards and accreditations such as Cyber Essentials and ISO 27001, and help align businesses with the MOD’s Secure by Design framework. This ensures robust protection against cyber threats and enhances overall digital security.
Key current NIST password guidance
The National Institute of Standards and Technology (NIST) guidelines for ‘Memorized Secrets’ – AKA ‘passwords’ up to Aug-24 emphasise:
- Password Length: Allow at least 64 characters in length to support the use of passphrases
- Optional Special Characters: Special characters are optional but can enhance security.
- Password Managers: Use password managers to store and generate passwords safely.
- Change Only When Necessary: Change passwords only if there’s evidence of a breach.
There is much more guidance available in their full standards documentation, but in the context of this passphrase generator, we do still think it has a firm place and relevance in the current security landscape.
Play away, create your new password, and enjoy!
WST Passphrase Generator
Secure password generator with easy to remember words
This is an XKCD inspired password generator.
