Password Generator
Generate secure random passwords — cryptographically random, never leaves your browser.
About Password Generator
Password Generator produces strong random passwords or passphrases using cryptographically secure randomness — the Web Crypto API's crypto.getRandomValues, not the weaker Math.random. Pick a mode (random string or passphrase), set the length or word count, choose options like character classes or word separator, and the generator emits a fresh password each time you click Regenerate.
Worked example: in random-string mode, a 20-character password with all four character classes (lower, upper, digits, symbols) produces something like 'k7Q!nP$4xR2*aBcZqW3#' — long, random, and effectively impossible to guess. Switch to passphrase mode for a memorable form like 'horse-battery-staple-correct-purple-bridge' — six words drawn from a 390-word common-English list, joined by hyphens — that is much easier to type. The random mode also offers an 'exclude ambiguous characters' toggle that removes 0, O, 1, l, I, and | from the pool, useful when passwords have to be read aloud or typed from paper.
A few notes on password strength. Length is the single most important factor: a 20-character password from the full ~88-character alphabet carries roughly 130 bits of entropy — beyond what any realistic attacker can brute-force — while a shorter or smaller-alphabet password can be surprisingly weak. Character classes (mixing upper, lower, digits, symbols) raise per-character entropy, but length alone is also a perfectly valid path (a 20-character all-lowercase password is still strong). For passphrases, six words from the built-in list gives ~52 bits; eight words gives ~69 bits — comparable to a much shorter random string, and far easier to remember.
Generation runs entirely in your browser using the Web Crypto API. Passwords are never sent over the network, never logged, and never stored — close the tab and they are gone.