Password Generator
Generate cryptographically secure passwords, passphrases and PINs. Uses crypto.getRandomValues() โ never Math.random(). Nothing is sent anywhere.
A genuinely secure password generator โ explained
Most password generators use Math.random() โ a pseudo-random number generator that is not cryptographically secure. This generator uses crypto.getRandomValues(), the browser's cryptographic random number API, the same standard used by banking apps and password managers.
Three generation modes
- Random characters โ choose length (6โ128), character sets (uppercase, lowercase, digits, symbols) and whether to exclude visually ambiguous characters (0, O, 1, I, l). At 16 characters mixing all sets: roughly 100 bits of entropy.
- Passphrase โ chains random words from a curated list. Passphrases are both strong and memorable. A 4-word passphrase gives around 40 bits of entropy.
- PIN โ numeric only, 4โ12 digits. Useful for ATMs, door codes and mobile unlock patterns.
How to read the strength meter
The meter shows entropy in bits โ each bit doubles the possible values. Below 28 bits: very weak. 28โ44: weak. 45โ59: fair. 60โ79: strong. 80+: very strong (use for master passwords).
Password security best practices
- Use a unique password for every account. Reusing passwords is the single biggest risk.
- Store passwords in a reputable password manager (Bitwarden, 1Password, KeePass).
- Enable two-factor authentication (2FA) wherever available.
- Change passwords immediately if you suspect a breach.
Privacy
Passwords are generated entirely in your browser using the Web Crypto API. Nothing is transmitted. No generated password is logged, stored or sent to any server.
Frequently Asked Questions
- How secure are the generated passwords?
- Very secure. This tool uses crypto.getRandomValues(), the browser's cryptographic random number API โ the same standard used by banking apps and password managers. It never uses Math.random().
- Does this tool store my generated passwords?
- No. Passwords are generated in browser memory only and are never transmitted to any server. Once you close or refresh the page, they are gone.
- What password lengths can I generate?
- From 6 to 128 characters for random passwords, 3 to 10 words for passphrases, and 4 to 12 digits for PINs. All lengths are fully customizable.
- Can I customize which characters are included?
- Yes. You can toggle uppercase letters (A-Z), lowercase letters (a-z), digits (0-9), symbols (!@#...) and whether to exclude visually ambiguous characters like 0/O and 1/I/l.
- Is this password generator really free?
- Yes, unlimited use with no sign-up required, no ads interrupting your workflow, and no limits on how many passwords you generate.