Developer tools
Password generator
Generate a strong random password or a memorable passphrase, using the secure Web Crypto generator. Everything runs in your browser - nothing is uploaded.
How it works
Generate a strong random password or a memorable passphrase, right in your browser. Every value uses the Web Crypto random number generator, the same cryptographically secure source browsers use for keys, so the output is unpredictable and never derived from a weak source. Nothing is generated on a server and nothing is sent anywhere.
Password mode lets you set the length and choose which character sets to include - uppercase, lowercase, digits, and symbols - with an option to exclude look-alike characters like 0, O, 1, l, and I for values you might type by hand. Passphrase mode strings together random words from a curated list, with a separator, optional capitalisation, and an optional number, giving you something like correct-horse-battery that is easy to remember but still hard to guess. A strength hint estimates how much entropy each result carries.
Example. A 20-character password with all four sets on might come out as 7t$Rk2!pZ9qLm4xW#nVb. Switch to passphrase mode with five words and a hyphen and you might get summit-rabbit-velvet-cobalt-driftwood, which is long enough to be strong yet far easier to recall and type.
FAQ
Are these passwords safe to use?
Yes. They are produced with the Web Crypto getRandomValues function, a cryptographically secure random source, not the predictable Math.random. Generation happens entirely in your browser, so a password is never transmitted, logged, or stored. As with any tool, generate the password on a device you trust.
What makes a password strong?
Length and unpredictability. A longer password drawn from a larger character set has more possible combinations, which is measured as entropy in bits. Roughly speaking, more than about 70 bits is strong for most uses. The strength hint shown here estimates the entropy from your chosen length and character sets so you can compare options.
Is a passphrase better than a password?
It depends on how it is used. A passphrase of several random words can have as much entropy as a shorter random password while being far easier to remember and type, which makes it a good choice for a master password you must memorise. The key is that the words are chosen randomly, which this tool guarantees, not picked by a human.
What does "exclude ambiguous characters" do?
It removes characters that are easy to confuse when read or typed, such as the digit 0 and capital O, or the digit 1, lowercase l, and capital I. This is handy for passwords you will read off a screen or dictate. It slightly reduces the character set, so the tool factors that into the strength estimate.