Password Generator

The Password Generator creates strong, random passwords using the browser's built-in cryptographic random number generator (window.crypto.getRandomValues). Unlike naive generators that use Math.random() — which is not cryptographically secure and can be predicted — this tool draws from a true entropy source, making each password suitable for protecting real accounts.

Password strength is not just about length; it is about entropy — the combination of length and character-set size. A 12-character password using only lowercase letters has about 56 bits of entropy. The same 12 characters using upper, lower, digits and symbols jumps to roughly 78 bits, which is millions of times harder to brute-force. This generator lets you tune every dimension: length from 4 to 64 characters, and independent toggles for uppercase, lowercase, digits and symbols. You can also exclude ambiguous characters (0/O, 1/l/I) so passwords are easier to read and type.

The live strength meter estimates entropy in real time and labels the result as Weak, Fair, Good or Strong. For most personal accounts, a 16-character password with all four character classes (rated Strong) is an excellent baseline. For high-value targets like email or banking, consider 20+ characters.

All generation happens locally in your browser. Passwords are never transmitted, logged or stored. Use a dedicated password manager to store the generated passwords — this tool creates them, your manager remembers them.