Password Generator
Generate strong, random passwords instantly. Nothing is stored or sent.
The Password Generator creates cryptographically random passwords using your browser's built-in secure random number generator. Choose the length and which character types to include — uppercase letters, lowercase letters, numbers, and symbols. Nothing you generate is ever sent to a server or stored anywhere.
How to use
- Set the desired password length using the slider (8–64 characters).
- Toggle the character types you want to include — uppercase, lowercase, numbers, symbols.
- Click "Generate" to create a new password, then use the copy button to copy it to your clipboard.
s8Y0gaeYdza6Bt23
When to use
Creating new account passwords
Use the generator whenever you create a new account. Enable all character types and use at least 16 characters for strong security. Store the result in a password manager — never reuse it across accounts.
Replacing weak or reused passwords
If you reuse passwords or use short passwords under 12 characters, replace them with generated passwords one account at a time, starting with your most important accounts: email, banking, and your password manager.
Generating API keys and tokens
Need a random secret for an API key, webhook secret, or session token in development? The generator produces cryptographically secure random strings suitable for use as shared secrets or short-lived tokens.
Examples
Frequently Asked Questions
Is this password generator truly random?
Yes. It uses the Web Crypto API (crypto.getRandomValues), which is a cryptographically secure random number generator built into all modern browsers.
Are my passwords stored or logged?
No. All generation happens locally in your browser using JavaScript. Nothing is transmitted to any server.
How long should my password be?
Security experts recommend at least 16 characters for most accounts. For critical accounts like email or banking, use 20 or more characters with all character types enabled.
What does password entropy mean?
Entropy measures how unpredictable a password is, in bits. Higher entropy means harder to crack. Aim for at least 80 bits of entropy for strong security.
Should I use symbols in my passwords?
Yes, if the service allows it. Adding symbols significantly increases the number of possible combinations, making brute-force attacks much harder.
How do I create a strong password?
A strong password is long (16+ characters), random (no words or patterns), and unique (never reused across accounts). Use this generator to create one, then store it in a password manager like Bitwarden, 1Password, or Apple Keychain.
What is password entropy?
Entropy measures how unpredictable a password is, in bits. A 16-character password with all character types has approximately 105 bits of entropy. Aim for at least 80 bits for most accounts; 100+ for critical accounts like email and banking.
Is it safe to generate passwords in a browser?
Yes. This generator uses crypto.getRandomValues — the Web Crypto API built into all modern browsers. It is a cryptographically secure random source. Nothing is sent to any server.
How often should I change my passwords?
Current NIST guidance (SP 800-63B, 2024) recommends changing passwords only when you have evidence they were compromised — not on a fixed schedule. Using a unique, randomly generated password from the start is more important than frequent rotation.
What is a random password generator?
A random password generator creates passwords using a cryptographically secure random source. Unlike human-chosen passwords, these contain no patterns and are resistant to dictionary attacks and guessing based on personal information.