Security
Password Generator
Create secure, random passwords to keep your accounts safe.
Best Practices
Use Long Passwords
Length is often more important than complexity. Each character added exponentially increases the time required for an attacker to crack it. Aim for at least 16 characters for critical accounts.
Memorable Passphrases
Modern security guidelines suggest that passphrases (like "correct-horse-battery-staple") are often more secure and significantly easier to remember than random strings of characters.
Unique for Every Account
Never reuse passwords. If one service is breached, every other account using that password is at risk. Use a password manager to store your unique, secure passwords.
Entropy & Security
Our strength meter uses entropy (bits) to estimate security. A password with 80+ bits of entropy is considered very strong against modern brute-force techniques.
Technical Overview
Client-Side Generation
This tool runs entirely in your browser using the Web Crypto API. Your generated passwords never leave your device and are never sent to any server.
Cryptographically Secure
We use window.crypto.getRandomValues() to ensure true randomness, providing much higher security than standard Math.random().
Zero-Knowledge Design
No data is stored, logged, or cached. Every generation is transient and exists only in your browser's memory until the page is refreshed or closed.
High Resolution Entropy
Calculated as log2(pool ^ length), giving you a precise measure of how many guesses a brute-force attack would require to succeed.