—A strong password is long and random — the two things humans are worst at inventing. A password generator does it properly: it picks characters at random from the sets you choose, producing something no dictionary or pattern-guesser can crack. This one runs entirely in your browser; the password is never sent anywhere.
Choose the length and which character types to include, and a strong password is generated instantly, with its entropy shown.
How is it calculated?
What makes a password strong
Two things: length and randomness. A longer password from a larger character set has exponentially more combinations. The tool lets you include: - lowercase (always on) - uppercase (A–Z) - digits (0–9) - symbols (!#$…)
Each set you add enlarges the pool every character is drawn from, multiplying the number of possible passwords.
Entropy — the real strength measure
Entropy, measured in bits, quantifies unpredictability: each bit doubles the number of guesses an attacker needs. A 16-character password using all four sets (a pool of ~94 characters) has about 105 bits of entropy — far beyond what's brute-forceable. As a rough guide: under 50 bits is weak, 70–80 is decent, 100+ is very strong.
Why generated beats invented
People reuse patterns, names and dates, which guessers exploit. A generator draws each character independently at random, so there's no pattern to attack. And because this runs on your device, the password isn't transmitted or logged anywhere.
Using it safely
- Use a unique password for every account — a generator makes this painless.
- Store them in a password manager rather than memorising or reusing.
- Longer is better: prefer 16+ characters where the site allows.
Worked example
Generate a 16-character password with uppercase, digits and symbols all enabled, and the character pool is about 94 possible characters per position. That gives roughly 94¹⁶ combinations — an entropy of about 105 bits. To put that in perspective, even a machine trying billions of guesses per second would need vastly longer than the age of the universe to exhaust them. Drop to 8 characters and the entropy roughly halves to ~52 bits, which is where passwords start becoming crackable — which is why length is the single biggest lever.
FAQ
How does the password generator work?+
It draws each character independently at random from the sets you enable (lowercase, uppercase, digits, symbols). You pick the length; the result is shown with its entropy. Everything runs on your device.
What is a good password length?+
16 characters or more where allowed. Length is the biggest factor in strength — each extra character multiplies the number of possible passwords.
What is entropy and why does it matter?+
Entropy, in bits, measures unpredictability — each bit doubles the guesses needed to crack it. Under 50 bits is weak; 100+ is very strong. A 16-character mixed password has about 105 bits.
Is the generated password sent anywhere?+
No — it is created entirely in your browser and never transmitted or stored on any server. You can even go offline and it still works.
Why is a generated password safer than one I make up?+
People reuse names, dates and patterns that guessers target. A generator picks each character independently at random, leaving no pattern to exploit.
How should I store strong passwords?+
Use a password manager and a unique password per account. That way you never reuse or memorise them, and the generator makes creating new ones effortless.