Other · Live
Strong passwords,
in your browser only.
A free password generator backed by your browser's cryptographic entropy. Pick a length and the character classes you need, and roll a fresh password or fifty — with a live entropy meter that tells you exactly how strong it is. Nothing is sent over the network.
Inputs
Length & rules
Security note: Passwords are generated locally in your browser using the Web Crypto API. We never see, store, or transmit them to any server. Refreshing the page wipes all generated data.
Character classes
- Charset size
- 0
- Entropy
- —
- Source
- crypto.getRandomValues
Password
16 chars · 0-pool
—
Reference
Entropy strength scale
| Strength | Entropy bits | |
|---|---|---|
Very weak | < 28 | Trivially cracked online |
Weak | 28 – 35 | Cracked offline in seconds |
Fair | 36 – 59 | Cracked offline in hours |
Strong | 60 – 79 | Resistant to offline GPU attack |
Very strong | 80 – 127 | Resistant to nation-state attack |
Excellent | 128 + | Effectively unbreakable |
Field guide
What makes a password actually strong.
The single number that matters when judging a password is its entropy: measured in bits — which captures both how long the password is and how big the pool of characters it was drawn from is. A 4-character all-digit PIN has roughly 13 bits and falls in seconds against an offline attacker. A 16-character mix of upper, lower, digits, and symbols has roughly 105 bits and resists every realistic offline attack.
The entropy formula
For a password of length L drawn uniformly from a pool of size N:
With all four classes enabled (26 + 26 + 10 + 27 = 89 characters), each character contributes about log₂(89) ≈ 6.48 bits. Multiply by length and you get the total. Drop the symbols and you fall to a 62-char pool, about 5.95 bits per character. Length-for-length, fewer classes = less entropy.
Why Math.random is not enough
JavaScript's Math.random is a pseudo-random generator seeded once per page load. Anyone who observes a handful of outputs can often reverse the seed and predict every future call, including future passwords. This calculator instead uses crypto.getRandomValues, which is wired straight to your operating system's cryptographic random source —/dev/urandom on Linux/macOS, BCryptGenRandom on Windows.
Avoiding modulo bias when picking characters
A naive character picker does charset[rand32 % size], which is biased whenever size doesn't divide 2³² evenly — small indices are slightly more likely than large ones. The generator uses rejection sampling instead: discarding any draw that lands in the leftover region. The output is exactly uniform over the charset.
Length beats class diversity
Adding more character classes increases per-character entropy, but length increases total entropy linearly. The biggest win is almost always to add four more characters rather than to bolt on another class:
- 12 chars, all 4 classes: about
78bits. - 16 chars, all 4 classes: about
105bits. - 20 chars, all 4 classes: about
131bits. - 16 chars, no symbols: about
95bits, still strong.
What look-alike filtering costs you
Excluding visually ambiguous characters (0/O, 1/l/I,|/`, '/") shrinks the pool by ~9 characters. On a 16-character all-class password, that drops entropy by about 2 bits — negligible. The trade-off is worth it any time you might type the password by hand or read it off a screen.
How long a password should be
Modern offline GPU attacks can test billions of guesses per second against unsalted hashes; cloud-scale attacks reach trillions. A practical lower bound, in 2026:
- Throwaway accounts: 12 chars, all classes (~78 bits): fine.
- Personal email, banking, password manager master: 16+ chars, all classes (~100+ bits): the floor. Use a passphrase if you must memorize it.
- Encryption keys, vault recovery: 24+ chars (~155+ bits): where this generator's max length earns its keep.
Worked example
A 16-character password drawn from all 4 classes with no look-alike filter has entropy 16 × log₂(89) ≈ 104.5 bits. At a (very generous) attacker speed of 10¹² guesses per second, it would take 2¹⁰⁴·⁵ / 10¹² ≈ 7.5 × 10¹⁸ seconds on average, about 240 billion years. Drop length to 12 with the same charset and you're at ~78 bits, still about 9 million years at the same attacker speed.
What to do with the password once you've copied it
Don't email it, don't put it in a chat, don't write it on a sticky note. Use a password manager (Bitwarden, 1Password, iCloud Keychain, KeePass), all of them encrypt the vault and let you autofill, so length doesn't have to be memorable. Reuse no password across any two accounts that you'd care about being breached.
What this generator doesn't do
We don't generate passphrases (Diceware-style word sequences), recovery keys, or memorable patterns — for those use a dedicated tool. We also don't store, log, or transmit anything: every password is generated client-side in your browser, and a refresh wipes the slate.
Disclaimer
Strength estimates assume the attacker doesn't know anything about how your password was generated. If you reuse the same password across services and one of them leaks, the entropy number above tells you nothing useful. Unique-per-service is non-negotiable.