Press SPACE to generate
This password generator builds random passwords entirely in your browser using the Web Crypto API, the same cryptographic randomness source browsers use for secure connections. Nothing you generate is ever sent to a server, logged, or stored — close the tab and the password exists only where you pasted it.
Pick a length from 8 to 64 characters, toggle uppercase letters, lowercase letters, numbers, and symbols, and the strength meter estimates entropy as you adjust. Press the space bar to generate a fresh one instantly.
A 16-character password using all four character sets draws from roughly 90 symbols per position, which works out to about 104 bits of entropy. At a trillion guesses per second, exhausting that space would take longer than the age of the universe. For most accounts, 16 characters with all sets enabled is more than enough; for a password manager master password or disk encryption, consider 20 or more.
Yes. Generation happens locally in your browser with crypto.getRandomValues(), a cryptographically secure random source. The password never leaves your device — this page makes no network request with your generated password.
16 characters with uppercase, lowercase, numbers, and symbols enabled is a solid default for online accounts. Go longer (20+) for anything protecting other credentials, like a password manager or email account, since those are recovery paths to everything else.
Some sites restrict which characters they accept. If a password is rejected, turn off the symbols toggle and compensate by increasing length — a 20-character alphanumeric password is stronger than a 14-character one with symbols.
Passphrases (several random words) are easier to memorize and fine for passwords you type often. For passwords stored in a manager and pasted, random character strings like these pack more entropy into fewer characters.