Password Generator
Generate cryptographically secure random passwords using the Web Crypto API. Customize length, character sets, and generate in bulk. Everything runs in your browser — no data is sent anywhere.
Configure options below...Length & Presets
Quick Presets
Character Sets
Password Security Guide
Do
- ✓ Use at least 12 characters
- ✓ Mix uppercase, lowercase, numbers, and symbols
- ✓ Use a unique password for every account
- ✓ Use a password manager to store passwords
- ✓ Enable two-factor authentication (2FA)
Don't
- ✗ Reuse passwords across accounts
- ✗ Use personal info (names, birthdays, pets)
- ✗ Use dictionary words or common patterns
- ✗ Share passwords via email or messaging
- ✗ Store passwords in plain text files
Related Tools
Frequently Asked Questions
How are these passwords generated?
Passwords are generated using the Web Crypto API (crypto.getRandomValues()), which provides cryptographically secure random numbers. This is the same randomness source used by TLS, SSH, and other security protocols. No pseudo-random fallback is used.
Are my generated passwords stored or sent anywhere?
No. All password generation happens entirely in your browser. No passwords are transmitted over the network, stored in cookies, or logged anywhere. You can verify this by using the tool offline or inspecting network traffic in your browser's developer tools.
How long should my password be?
For most accounts, 16 characters with mixed character types provides excellent security (80+ bits of entropy). For high-security applications like master passwords or encryption keys, use 20-32 characters. A 12-character password with all character types is the minimum for reasonable security today.
What does “entropy” mean?
Entropy measures the randomness or unpredictability of a password in bits. Each bit of entropy doubles the number of possible passwords an attacker must try. A password with 80 bits of entropy has 2^80 (about 1.2 septillion) possible combinations. Higher entropy means a stronger password.