Password Generator
Generate strong, secure random passwords with custom length, character sets, and exclusion rules. All generation happens in your browser — nothing is sent to any server.
About the Password Generator
A strong, unique password is your first line of defence against unauthorised access to online accounts. This tool uses the Web Crypto API (window.crypto.getRandomValues()) to produce cryptographically secure random passwords entirely within your browser — your passwords are never transmitted to any server and never stored anywhere.
How to generate a secure password
- Set your desired password length using the slider. We recommend a minimum of 16 characters for most accounts.
- Choose which character types to include: uppercase letters, lowercase letters, numbers, and symbols.
- Use "Exclude similar characters" if you need to type or read the password aloud — it removes characters like
0andO,1andl. - Choose how many passwords to generate at once (useful for bulk provisioning).
- Click Generate Password, then copy your result.
Understanding password strength and entropy
The tool displays an entropy estimate (in bits) for each generated password. Entropy measures how unpredictable a password is — the higher the number, the harder it is to crack. As a rule of thumb:
- Below 40 bits — Weak; vulnerable to brute-force attacks
- 40–60 bits — Moderate; acceptable for low-value accounts
- 60–80 bits — Strong; suitable for most accounts
- 80+ bits — Very strong; recommended for high-value accounts such as banking or email
Should I use a password manager?
Yes — absolutely. A password manager allows you to use a unique, randomly generated password for every site without having to remember them. We recommend Bitwarden (free and open-source), 1Password, or the offline KeePass. Never reuse passwords across different websites.