Password Generator
Generate strong, secure, random passwords. Customise length and character sets — uppercase, lowercase, numbers, and symbols.
Generated passwords
Strength: · Entropy: bits
What is Password Generator?
A password generator creates random, secure passwords using cryptographically strong randomness from your browser. You control the length and character set — uppercase letters, lowercase letters, numbers, and symbols. The entropy score shows how resistant the password is to brute-force attacks: higher entropy means a stronger password.
How to use
- 1 Set the desired password length using the slider — longer passwords are significantly stronger.
- 2 Check or uncheck character sets to include uppercase, lowercase, numbers, and symbols.
- 3 Enable Exclude ambiguous characters to remove visually similar characters like 0, O, l, and 1.
- 4 Choose how many passwords to generate (1, 3, 5, or 10).
- 5 Click Copy next to any password to copy it to your clipboard.
Example calculation
A 16-character password using uppercase, lowercase, and numbers draws from a 62-character set, giving 62^16 possible combinations and about 95.3 bits of entropy — rated Very Strong. Adding symbols expands the set to around 88 characters and pushes entropy above 103 bits.
Frequently asked questions
Is this password generator secure?
Yes. Passwords are generated using the Web Crypto API (crypto.getRandomValues), which produces cryptographically strong random values. No passwords are transmitted or stored — all generation happens locally in your browser.
What does entropy mean for passwords?
Entropy measures the unpredictability of a password in bits. Each additional bit doubles the number of possible passwords. Passwords with 80+ bits of entropy are generally considered strong against modern brute-force attacks.
How long should my password be?
Security experts generally recommend at least 12 to 16 characters for most accounts and 20 or more for high-value accounts. Length has a larger impact on security than complexity alone.
Should I use a different password for every account?
Yes. Reusing passwords means a breach at one site exposes all your accounts that share it. A password manager can store unique strong passwords for every site so you only need to remember one master password.
Why exclude ambiguous characters?
Characters like 0 and O or l and 1 can be confused when reading a password aloud or typing it on an unfamiliar keyboard. Excluding them makes passwords easier to transcribe without reducing security significantly.