Password Generator

Generate strong, random passwords with custom length, character sets, and security settings. Free, instant, no signup required.

Charset size: 83 — Entropy: 127 bitsVery Strong

Other Data Tools

Password Generator - Create Strong, Random Passwords Online

Generate secure, random passwords instantly in your browser. No account required, no data sent to any server - all generation happens locally using the Web Crypto API.

What makes a strong password?

A strong password combines length with a large, varied character set. The more characters available and the longer the password, the higher its entropy - a measure of unpredictability. This tool displays your password's entropy in bits so you can make an informed choice. For most accounts, aim for at least 80 bits (roughly 14+ characters from a full charset). For critical accounts like email or banking, 100+ bits is recommended.

How does this password generator work?

Passwords are generated entirely in your browser using crypto.getRandomValues(), a cryptographically secure random number generator provided by the Web Crypto API. Each character is drawn uniformly from your chosen character set, ensuring no statistical bias. No passwords are transmitted, logged, or stored anywhere.

What character sets are available?

You can mix and match four character sets:

Lowercase letters (a-z)
Uppercase letters (A-Z)
Numbers (0-9)
Special characters (!@#$%^&*()-_=+[]{}|;:,.<>?)

Enabling more sets increases entropy significantly. A 20-character password using all four sets provides ~127 bits of entropy - far beyond brute-force reach.

What are lookalike characters and should I exclude them?

Lookalike characters are visually similar glyphs that are easy to confuse when reading or typing a password: 0 and O, 1, l, and I. Excluding them makes passwords easier to transcribe manually without reducing security in any meaningful way. The default is enabled.

How many passwords can I generate at once?

You can generate between 1 and 50 passwords simultaneously. This is useful when bulk-provisioning credentials, generating one-time tokens, or comparing options. Use "Copy All" to copy every generated password separated by newlines.

What password length should I use?

12-16 characters - acceptable for low-risk accounts with limited login attempts
20 characters - the default; strong for everyday use across all account types
30+ characters - ideal for password manager master passwords, API keys, or any credentials stored securely

How is password entropy calculated?

Entropy is calculated as length × log₂(charset size). For example, a 20-character password drawn from 83 characters yields 20 × log₂(83) ≈ 127 bits. Each bit of entropy doubles the effort required to guess the password by brute force.

Is this tool suitable for generating API keys or tokens?

Yes, for human-readable tokens. For machine-generated secrets in applications, prefer a purpose-built generator like the UUID Generator which produces RFC-compliant identifiers. For arbitrary high-entropy tokens, a 32-64 character password with all character sets enabled is a solid choice.