Password Generator
Generate cryptographically random passwords from 4 to 128 characters. Toggle uppercase, numbers, and symbols. Runs in your browser. Nothing is uploaded.
settingsCustomization
lightbulbSecurity Tip
Never reuse the same password across multiple sites. Consider using a password manager to store these complex strings securely.
What is the Password Generator?
A password generator builds a random string of characters that's hard for anyone (including you) to guess. A 16-character password drawing from uppercase, lowercase, numbers, and symbols carries roughly 100 bits of entropy, enough to take billions of years to brute-force on current hardware.
How to use the Password Generator
- 1
Pick a length
Drag the slider anywhere from 4 to 128 characters. Sixteen is the practical minimum for an account that matters.
- 2
Choose character types
Toggle uppercase, lowercase, numbers, and symbols. Including all four maximizes entropy and pushes the strength meter to "Very Strong."
- 3
Generate and copy
Click the regenerate button until you see one you like, then tap the copy icon to send it to your clipboard.
- 4
Store it in a password manager
A unique password per site only protects you if you can recall them all. Paste each generated string into 1Password, Bitwarden, or your browser's built-in vault.
Frequently Asked Questions
How does the password generator work?
Each character is picked using crypto.getRandomValues(), the browser's cryptographically secure random source. That's the same primitive backing HTTPS key generation. Generation happens locally, so the password never travels over the network.
What makes a strong password?
Length matters more than complexity. A 16-character password drawing from all four character sets carries roughly 100 bits of entropy, enough to take billions of years to brute-force on today's hardware. Skip dictionary words and birthdays, and never reuse a password across sites.
Is this password generator safe to use?
The password lives only in your browser. Open DevTools, switch to the Network tab, and you'll see no outbound request when you click Generate. We never see, store, or transmit what's produced.
Should I use a different password for every site?
Yes. A single breach at one service exposes the password for every site where you reused it. Credential-stuffing attacks turn one leak into a hundred account takeovers. Pair this generator with a password manager so you never have to remember any of them.