Password Generator creates cryptographically strong random passwords using your browser's secure random number generator — nothing is ever transmitted or stored. Choose the length (8–128 characters), toggle uppercase, lowercase, digits, and symbols, and exclude ambiguous characters like O, 0, I, and l. The entropy meter shows how long a brute-force attack would take to crack the generated password.
0 O l I 1 — useful for passwords you'll type manually.crypto.getRandomValues() for cryptographic strength.Password strength is primarily determined by length and character variety. The NIST SP 800-63B guidelines recommend passwords of at least 8 characters, but 16+ characters dramatically increases resistance to brute-force attacks. Including uppercase, lowercase, digits, and symbols maximises entropy per character.
Entropy measures unpredictability in bits. A password drawn from a pool of 72 characters (26 lowercase + 26 uppercase + 10 digits + 10 symbols) has ~6.17 bits of entropy per character. A 16-character password from this pool has ~98 bits of entropy — modern computers would take billions of years to brute-force at any realistic speed.
This tool uses crypto.getRandomValues() — the browser's cryptographically secure pseudo-random number generator (CSPRNG). Passwords are never transmitted to a server. Choose your desired length and character sets, then copy the result directly.