Cybersecurity

Password Generator

Create cryptographically secure passwords with customisable requirements. Uses your browser's Web Crypto API for true randomness, meaning no passwords ever leave your device.

1-2 min

Beginner

Runs locally

All Cybersecurity tools

Security Notice

This tool handles sensitive data. All processing happens in your browser and no data is sent to any server. However, you should avoid entering real credentials or sensitive information when learning.

Educational Tool

This is designed for learning and exploration. Use test data when possible and always verify results independently for production use.

Password Options

Length16 characters

83264128

Character Types

UppercaseA-Z

Lowercasea-z

Numbers0-9

Symbols!@#$%...

Exclusions

Exclude ambiguous0, O, l, 1, I

Exclude similar

Generated Password

No password generated yet

Click "Generate Password" to create a secure password

Understanding Password Security

What is entropy?

Entropy measures password randomness in bits. Each bit doubles the number of possible combinations an attacker must try. A 40-bit password has about 1 trillion combinations. An 80-bit password has over a septillion combinations, making brute-force attacks practically impossible with current technology.

Why use a generator?

Humans are terrible at creating random passwords. We tend to use patterns, dictionary words, and predictable substitutions that attackers know to try first. A cryptographic generator creates truly random passwords that have no patterns to exploit.

Recommended settings

For most accounts, I recommend 16 or more characters with uppercase, lowercase, numbers, and symbols enabled. This gives you about 100 bits of entropy, which is considered secure against all known attack methods for the foreseeable future.

Storing passwords safely

Never reuse passwords across sites. Use a password manager to store your generated passwords securely. Good options include Bitwarden (open source), 1Password, or your browser's built-in password manager if it syncs securely.

Your Privacy is Protected

• Passwords are generated entirely in your browser using the Web Crypto API
• No passwords are transmitted over the network or stored on any server
• Password history is stored only in memory and cleared when you leave the page
• This tool works offline once the page has loaded