Secure Password Generator

Create cryptographically strong passwords and passphrases locally.

Length of the generated password (8 - 128).

- Makes the password easier to read by humans.
Generated Password
Weak (0 bits)

This password has relatively low entropy. We recommend at least 120 bits for enterprise database passwords or API keys.

Generated locally using Web Crypto API.

Password Generation Security Guide

A strong password is the first line of defense against unauthorized access. Our Password Generator runs 100% inside your browser, ensuring your generated passwords are never transmitted over the network or stored on any server.

Entropy Explained

Entropy is a measure of how unpredictable a password is, usually measured in "bits."

  • < 40 bits: Weak. Can be cracked instantly.
  • 40 - 80 bits: Moderate. Suitable for low-value accounts but vulnerable to dedicated offline cracking.
  • 80 - 120 bits: Strong. Excellent for general web accounts and standard usage.
  • > 120 bits: Enterprise / Cryptographic. Recommended for database root passwords, API keys, and master vault passwords.
  • Why Length Matters More Than Complexity

    While adding symbols and numbers increases the pool of possible characters (increasing entropy), simply adding more characters to a password has a much larger impact on its overall strength.

    For example, a 20-character password made entirely of lowercase letters is significantly harder to crack than an 8-character password containing a mix of every symbol type.

    Security Guarantees

  • Web Crypto API: We use window.crypto.getRandomValues() rather than Math.random(). Math.random() is NOT cryptographically secure and its outputs can be predicted by an attacker.
  • Client-Side Only: Turn off your Wi-Fi, refresh the page, and it still works. We don't send telemetry, we don't log to the console, and we don't save to localStorage.