Password Generator
Generate strong, secure passwords instantly. 100% client-side — nothing leaves your browser.
Your Secure Password
Customise Password
Security Tips
Unique password per account
16+ chars for important accounts
Use Bitwarden, 1Password, etc.
Extra layer of protection
Never share via email or text
Change every 3-6 months
Share This Tool
About Password Security
What Makes a Strong Password?
A strong password is at least 12 characters long and includes uppercase, lowercase, numbers, and symbols. Avoid personal info, dictionary words, or patterns like "123456".
Understanding Entropy
Entropy measures randomness in bits. 40 bits = fair, 60 bits = strong, 80+ bits = very strong. More character types and longer length both increase entropy exponentially.
Is This Secure?
Yes! Passwords are generated in your browser using the Web Crypto API. Nothing is sent to any server. Your passwords never leave your device.
Crack Time Estimates
We estimate crack time assuming 10 billion guesses per second (modern GPU cluster). An 8-char lowercase password: minutes. A 16-char mixed password: billions of years.
FAQ
How long should my password be?
12+ characters minimum. 16+ for banking, email, and sensitive accounts. Each extra character multiplies the difficulty exponentially.
Should I use different passwords for every site?
Absolutely. If one site is breached, attackers try those credentials everywhere. A password manager makes this easy.
Are passwords stored on your server?
No. Everything runs in your browser. The history feature uses browser memory only and clears when you close the tab.
What is two-factor authentication?
2FA requires a second verification (phone code, authenticator app) beyond your password. Even if your password is stolen, your account stays safe.
Why avoid common passwords?
Hackers try millions of common passwords first ("password123", "qwerty"). A random password is virtually impossible to guess.