
    How our 3-word recovery phrase actually works

    Three random words feel small. Mathematically, they are anything but. Here's how a tiny phrase becomes a key strong enough to protect your entire vault.

    The Pwdly Team
    Engineering & Security
    20 April 2026
    2 min read

    Most "secure" systems fail at the intersection of math and human psychology. We’ve all been there: you create a "strong" password like k$2!Q9zX@Lp7, only to forget it three days later because the human brain wasn't evolved to store high-entropy random strings. You end up resetting it, or worse, writing it on a post-it note.

    Pwdly takes a different approach. We use a 3-word recovery phrase because people remember stories, not strings.

    The Raw Entropy: The Foundation

    Your 3-word phrase is sampled from a curated BIP-39 style wordlist containing 2,048 (or in our case, a more expansive 7,700+) carefully selected words.

    • The Math: A 3-word selection from a 7,700-word list provides approximately log₂(7700³) ≈ 39 to 46 bits of raw entropy.
    • The Reality: In a vacuum, 46 bits of entropy wouldn't survive a professional offline brute-force attack. A modern GPU cluster can iterate through 2⁴⁶ combinations relatively quickly if the hashing algorithm is "cheap" like MD5 or SHA-1.
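The entropy arithmetic above, worked through as an added example (this is not Pwdly's code). It computes raw entropy for a phrase drawn from a wordlist, shows how a per-guess slowdown factor translates into extra "effective" bits, and compares exhaustive-search time at two guess rates. The guess rates in the demo section are hypothetical placeholders chosen to illustrate the 10,000× ratio, not measurements.

```python
import math


def raw_entropy_bits(wordlist_size: int, word_count: int) -> float:
    """Entropy of word_count independent draws (with replacement) from a wordlist.

    Each word contributes log2(wordlist_size) bits, so 3 words from 2,048 give
    exactly 33 bits and 3 words from 7,700 give about 38.7 bits.
    """
    return word_count * math.log2(wordlist_size)


def effective_entropy_bits(raw_bits: float, slowdown_factor: float) -> float:
    """Work-factor view: if every guess costs slowdown_factor times more than a
    cheap hash, the attacker's total work grows as if the secret had
    log2(slowdown_factor) additional bits."""
    return raw_bits + math.log2(slowdown_factor)


def years_to_exhaust(bits: float, guesses_per_second: float) -> float:
    """Worst-case time to try every value of a `bits`-bit secret at a given rate."""
    return (2 ** bits) / guesses_per_second / (365 * 24 * 3600)


if __name__ == "__main__":
    for size in (2048, 7700):
        print(f"{size:>5}-word list, 3 words: {raw_entropy_bits(size, 3):.1f} bits")

    # Hypothetical guess rates (assumptions for illustration, not benchmarks):
    fast_rate = 1e10  # a cheap hash such as MD5/SHA-1 on a GPU cluster
    slow_rate = 1e6   # a memory-hard KDF on the same hardware (10,000x slower)
    bits = raw_entropy_bits(7700, 3)
    print(f"effective bits with a {fast_rate / slow_rate:.0f}x slowdown: "
          f"{effective_entropy_bits(bits, fast_rate / slow_rate):.1f}")
    print(f"exhaustive search at cheap-hash rate: {years_to_exhaust(bits, fast_rate):.2e} years")
    print(f"exhaustive search at memory-hard rate: {years_to_exhaust(bits, slow_rate):.2e} years")
```

Note that `effective_entropy_bits` is a cost model, not true entropy: the secret still has the same number of possible values, the attacker simply pays more per guess.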

    The Great Equalizer: Argon2id

    This is where our architectural choices turn "memorable" into "unbreakable." We don't just store a hash of your words; we use them as the seed for Argon2id, the winner of the Password Hashing Competition.

    When you enter your phrase, we feed it—along with your email as a unique salt—into Argon2id configured with 64 MiB of memory and 3 iterations.

    Why this changes everything:

    • Memory Hardness: Unlike traditional hashes, Argon2id requires actual, physical RAM to compute. An attacker can't just use a "thin" specialized chip; they need a machine with significant memory for every single guess.
    • Time Cost: The 3-pass iteration ensures that even on fast hardware, a single guess takes a fraction of a second.
    • The "Virtual" Entropy Boost: By making each guess 10,000× more expensive than a standard hash, those 46 bits of entropy behave much more like 70+ bits in practice. It moves the "Cost to Crack" from a few hundred dollars to millions of dollars in hardware and electricity.
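The derivation step described above, as an added example (not Pwdly's own code): the phrase is canonicalized, the e-mail address is turned into a salt, and Argon2id is run with the 64 MiB / 3-pass parameters the post states. It uses the `argon2-cffi` package, which is assumed to be installed. The parallelism value, the 32-byte output length, and hashing the e-mail to a fixed-length salt are assumptions; the post does not state them. Hashing the salt matters in practice because Argon2 requires at least 8 bytes of salt and a very short address would fall below that.

```python
import hashlib
import unicodedata

from argon2.low_level import Type, hash_secret_raw  # argon2-cffi package

# Parameters the post states: 64 MiB of memory and 3 passes.
MEMORY_KIB = 64 * 1024
TIME_COST = 3
PARALLELISM = 1   # assumption: the post does not mention lanes
KEY_LEN = 32      # assumption: a 256-bit vault key


def normalize_phrase(phrase: str) -> bytes:
    """Canonicalize so 'Otter-Violin-Canyon' and 'otter violin canyon' derive the same key."""
    text = unicodedata.normalize("NFKC", phrase).lower().replace("-", " ")
    return " ".join(text.split()).encode("utf-8")


def salt_from_email(email: str) -> bytes:
    """Derive a fixed 32-byte salt from the normalized e-mail address.

    The salt is a uniqueness value, not a secret: it stops one precomputed
    table from covering every user, and it must be reproducible on every
    device the user logs in from, which is why it is derived, not random.
    """
    canonical = unicodedata.normalize("NFKC", email).strip().lower().encode("utf-8")
    return hashlib.sha256(canonical).digest()


def derive_master_key(phrase: str, email: str) -> bytes:
    """Run Argon2id over the phrase with the per-user salt; returns the raw key bytes."""
    return hash_secret_raw(
        secret=normalize_phrase(phrase),
        salt=salt_from_email(email),
        time_cost=TIME_COST,
        memory_cost=MEMORY_KIB,
        parallelism=PARALLELISM,
        hash_len=KEY_LEN,
        type=Type.ID,
    )


if __name__ == "__main__":
    key = derive_master_key("otter-violin-canyon", "Alice@Example.com")
    print(key.hex())
```

In a zero-knowledge design the key returned here is used client-side to unwrap the vault; it is never sent to the server, and only a verifier derived from it (or ciphertext encrypted under it) leaves the browser.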

    Why Words Over Characters?

    The philosophy behind otter-violin-canyon vs. k$2!Q9zX@Lp7 is simple: Durability.

    1. Recall Under Stress: If you lose access to your primary device, you are likely in a high-stress situation. Complex characters disappear from memory under adrenaline; a simple, vivid mental image of an otter playing a violin in a canyon stays.
    2. Physical Backups: You can easily write three words on a piece of paper and put it in a physical safe. Writing out a 16-character random string increases the "transcription error" rate—where a 1 looks like an l or an O looks like a 0—potentially locking you out of your data forever.
    3. Error Correction: Our wordlist is curated so that no two words are phonetically identical or easily confused. If you remember "otter," there isn't another word like "utter" to confuse the system.
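One way to check a candidate wordlist for the kind of confusion described in point 3, and to sample a phrase from it with a cryptographic RNG, as an added example (not Pwdly's curation process or wordlist). Two words are flagged when they are one edit apart (otter/utter, canyon/cannon) or share a consonant skeleton, a crude stand-in for "phonetically identical"; the sample wordlist is constructed for the demo.

```python
import itertools
import secrets

VOWELS = set("aeiou")

# Constructed sample input; a real list would have thousands of entries.
SAMPLE_WORDS = ["otter", "utter", "canyon", "violin", "violet", "cannon"]


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance via the usual two-row dynamic programme."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def sound_key(word: str) -> str:
    """Consonant skeleton as a rough sound-alike key ('otter' and 'utter' -> 'ttr')."""
    return "".join(c for c in word if c not in VOWELS)


def find_confusable_pairs(words):
    """Return (a, b, reason) for every pair a curated list should not contain."""
    pairs = []
    for a, b in itertools.combinations(sorted(set(words)), 2):
        if edit_distance(a, b) <= 1:
            pairs.append((a, b, "one edit apart"))
        elif sound_key(a) == sound_key(b):
            pairs.append((a, b, "same consonant skeleton"))
    return pairs


def curate(words):
    """Drop the alphabetically later member of each confusable pair."""
    rejected = {b for _, b, _ in find_confusable_pairs(words)}
    return [w for w in sorted(set(words)) if w not in rejected]


def generate_phrase(wordlist, word_count=3):
    """Sample with the OS CSPRNG; random.choice is not acceptable for a secret."""
    return "-".join(secrets.choice(wordlist) for _ in range(word_count))


if __name__ == "__main__":
    for a, b, reason in find_confusable_pairs(SAMPLE_WORDS):
        print(f"reject pair {a}/{b}: {reason}")
    clean = curate(SAMPLE_WORDS)
    print("curated:", clean)
    print("phrase:", generate_phrase(clean))
```

The curation step removes words rather than phrases, so the entropy of a phrase is fixed by the final list size; check that size against the entropy target before shipping the list.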

    The Zero-Knowledge Guarantee

    Most importantly: Your 3-word phrase never touches our server. It is the "Master Seed" that stays strictly within your browser's RAM. We provide the vault, we provide the math, but the key lives only with you. We’ve replaced "Trust us" with "The math is in your favor."

    Tags: cryptography, argon2id, education
