Password Generator
Generated in your browser using crypto.getRandomValues. Nothing leaves your device.
Generated
—
Entropy
—
Strength
—
Charset size
—
Why entropy matters
A password's "strength" is the number of bits an attacker would need to guess in the worst case. 60 bits is the rough threshold for "strong enough today"; 80+ bits survives Moore's Law for a decade or two.
- 8 chars, letters + digits: ~48 bits — crackable in minutes by a modern GPU.
- 16 chars, full charset: ~103 bits — secure for the foreseeable future.
- 20+ chars: overkill, but cheap insurance.
Use a password manager
The reason these generators exist is that you should be using a different long password for every account. Memorizing 200 of them isn't possible; a password manager makes it irrelevant. The only password you actually memorize is the master password — pick a good one.
About this generator
All randomness comes from crypto.getRandomValues — the browser's cryptographically secure source. Nothing is sent over the network. View the page source to verify.