Password Generator

Generate strong, random passwords instantly using cryptographically secure randomness. Everything runs in your browser — nothing is ever sent to a server.

Length 16

Characters

Uppercase (A–Z) Lowercase (a–z) Numbers (0–9) Symbols (!@#$%^&*)

5 More Passwords

About Password Security

A password's strength is measured in entropy bits — the logarithm of the number of possible combinations. More bits means more time needed to brute-force the password.

How Entropy is Calculated

Entropy = log₂(pool size) × length. With uppercase + lowercase + digits + symbols the pool is 94 characters. A 16-character password from that pool gives ~104 bits of entropy — far beyond what modern hardware can crack.

Strength Thresholds

This tool uses the following scale: Weak (<40 bits), Fair (40–60 bits), Strong (60–80 bits), Very Strong (80+ bits). Most accounts only need a Strong password; use Very Strong for password manager master passwords and encryption keys.

Why Cryptographic Randomness Matters

This tool uses crypto.getRandomValues() — the same Web Cryptography API used by browsers for TLS. It produces statistically unbiased, unpredictable randomness unlike Math.random(), which is only pseudo-random and unsuitable for security purposes.

Best Practices

Use a unique password for every account. Store them in a reputable password manager (Bitwarden, 1Password, KeePass). Enable two-factor authentication wherever possible. A 16-character random password is stronger than a 30-character memorable phrase with predictable substitutions.